{"cves":[{"cve_id":"CVE-2022-35755","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":0.19015,"ranking_epss":0.95337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35755","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35755"],"published_time":"2023-05-31T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35756","summary":"Windows Kerberos Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.14966,"ranking_epss":0.94577,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35756","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35756"],"published_time":"2023-05-31T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35758","summary":"Windows Kernel Memory Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00324,"ranking_epss":0.55489,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35758","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35758"],"published_time":"2023-05-31T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35759","summary":"Windows Local Security Authority (LSA) Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.04815,"ranking_epss":0.89517,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35759","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35759"],"published_time":"2023-05-31T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35743","summary":"Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00371,"ranking_epss":0.58963,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35743","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35743"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35744","summary":"Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.15493,"ranking_epss":0.94676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35744","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35744"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35745","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.02634,"ranking_epss":0.8572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35745","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35745"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35746","summary":"Windows Digital Media Receiver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00374,"ranking_epss":0.59103,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35746","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35746"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35747","summary":"Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.01096,"ranking_epss":0.7803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35747","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35747"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35749","summary":"Windows Digital Media Receiver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00374,"ranking_epss":0.59103,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35749","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35749"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35750","summary":"Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04473,"ranking_epss":0.8911,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35750","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35750"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35751","summary":"Windows Hyper-V Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.06584,"ranking_epss":0.91181,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35751","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35751"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35752","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.02634,"ranking_epss":0.8572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35752","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35752"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35753","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.02634,"ranking_epss":0.8572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35753","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35753"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35754","summary":"Unified Write Filter Elevation of Privilege Vulnerability","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.002,"ranking_epss":0.4214,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35754","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35754"],"published_time":"2023-05-31T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21712","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00749,"ranking_epss":0.73163,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21712","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21712"],"published_time":"2023-04-27T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21765","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02036,"ranking_epss":0.83851,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21765","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21765"],"published_time":"2023-01-10T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21767","summary":"Windows Overlay Filter Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0083,"ranking_epss":0.74574,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21767","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21767"],"published_time":"2023-01-10T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21772","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01967,"ranking_epss":0.83559,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21772","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21772"],"published_time":"2023-01-10T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21773","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02013,"ranking_epss":0.83754,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21773","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21773"],"published_time":"2023-01-10T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21774","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01967,"ranking_epss":0.83559,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21774","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21774"],"published_time":"2023-01-10T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21776","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01874,"ranking_epss":0.83158,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21776","http://packetstormsecurity.com/files/172300/Windows-Kernel-CmpDoReDoCreateKey-CmpDoReOpenTransKey-Out-Of-Bounds-Read.html","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21776"],"published_time":"2023-01-10T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21746","summary":"Windows NTLM Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.53737,"ranking_epss":0.98005,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21746","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21746"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21747","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00374,"ranking_epss":0.59125,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21747","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21747"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21748","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00547,"ranking_epss":0.67923,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21748","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21748"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21749","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01525,"ranking_epss":0.81317,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21749","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21749"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21750","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0267,"ranking_epss":0.85836,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21750","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21750"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21754","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01532,"ranking_epss":0.81359,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21754","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21754"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21755","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01707,"ranking_epss":0.82354,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21755","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21755"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21757","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.23953,"ranking_epss":0.96043,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21757","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21757"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21760","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0085,"ranking_epss":0.74919,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21760","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21760"],"published_time":"2023-01-10T22:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21726","summary":"Windows Credential Manager User Interface Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00171,"ranking_epss":0.38328,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21726","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21726"],"published_time":"2023-01-10T22:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21728","summary":"Windows Netlogon Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.03423,"ranking_epss":0.87476,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21728","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21728"],"published_time":"2023-01-10T22:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21730","summary":"Microsoft Cryptographic Services Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00965,"ranking_epss":0.76598,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21730","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21730"],"published_time":"2023-01-10T22:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21732","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05225,"ranking_epss":0.89968,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21732","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21732"],"published_time":"2023-01-10T22:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21739","summary":"Windows Bluetooth Driver Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00361,"ranking_epss":0.58261,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21739","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21739"],"published_time":"2023-01-10T22:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21560","summary":"Windows Boot Manager Security Feature Bypass Vulnerability","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.01155,"ranking_epss":0.78553,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21560","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21560"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21561","summary":"Microsoft Cryptographic Services Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00723,"ranking_epss":0.72581,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21561","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21561"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21563","summary":"BitLocker Security Feature Bypass Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00675,"ranking_epss":0.71499,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21563","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21563"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21674","summary":"Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10144,"ranking_epss":0.93122,"kev":true,"propose_action":"Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21674","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-21674"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21675","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00994,"ranking_epss":0.76962,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21675","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21675"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21678","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00897,"ranking_epss":0.75669,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21678","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21678"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21679","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00595,"ranking_epss":0.69357,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21679","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21679"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21680","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0043,"ranking_epss":0.62594,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21680","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21680"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21681","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0155,"ranking_epss":0.81452,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21681","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21681"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21682","summary":"Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.08319,"ranking_epss":0.92292,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21682","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21682"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21683","summary":"Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.34282,"ranking_epss":0.96994,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21683","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21683"],"published_time":"2023-01-10T22:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21541","summary":"Windows Task Scheduler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00733,"ranking_epss":0.7277,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21541","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21541"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21542","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00954,"ranking_epss":0.76454,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21542","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21542"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21543","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.0755,"ranking_epss":0.91841,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21543","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21543"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21546","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00833,"ranking_epss":0.74639,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21546","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21546"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21548","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00628,"ranking_epss":0.70294,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21548","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21548"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21549","summary":"Windows SMB Witness Service Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.07019,"ranking_epss":0.915,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21549","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21549"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21552","summary":"Windows GDI Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00463,"ranking_epss":0.64314,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21552","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21552"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21555","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00833,"ranking_epss":0.74639,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21555","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21555"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21556","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.0327,"ranking_epss":0.87178,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21556"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21557","summary":"Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0512,"ranking_epss":0.89866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21557","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21557"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21558","summary":"Windows Error Reporting Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00622,"ranking_epss":0.70146,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21558"],"published_time":"2023-01-10T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21524","summary":"Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01119,"ranking_epss":0.78261,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21524","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21524"],"published_time":"2023-01-10T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21525","summary":"Remote Procedure Call Runtime Denial of Service Vulnerability","cvss":5.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.3,"cvss_v4":null,"epss":0.04257,"ranking_epss":0.88828,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21525","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21525"],"published_time":"2023-01-10T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21527","summary":"Windows iSCSI Service Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.28212,"ranking_epss":0.96511,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21527","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21527"],"published_time":"2023-01-10T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21532","summary":"Windows GDI Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0038,"ranking_epss":0.5949,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21532","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21532"],"published_time":"2023-01-10T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21535","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00548,"ranking_epss":0.67938,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21535","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21535"],"published_time":"2023-01-10T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2023-21537","summary":"Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00419,"ranking_epss":0.61937,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21537","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21537"],"published_time":"2023-01-10T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44697","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01215,"ranking_epss":0.79047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44697","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44697"],"published_time":"2022-12-13T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44707","summary":"Windows Kernel Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.10228,"ranking_epss":0.93164,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44707","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44707"],"published_time":"2022-12-13T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44675","summary":"Windows Bluetooth Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04058,"ranking_epss":0.88536,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44675","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44675"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44676","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00565,"ranking_epss":0.68489,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44676","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44676"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44678","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01186,"ranking_epss":0.78819,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44678","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44678"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44679","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00761,"ranking_epss":0.73393,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44679","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44679"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44680","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0118,"ranking_epss":0.78772,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44680","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44680"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44681","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01215,"ranking_epss":0.79047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44681","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44681"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44683","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02795,"ranking_epss":0.86121,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44683","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44683"],"published_time":"2022-12-13T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41077","summary":"Windows Fax Compose Form Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00895,"ranking_epss":0.75638,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41077","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41077"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41089","summary":".NET Framework Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04521,"ranking_epss":0.89171,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41089","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41089"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41121","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00534,"ranking_epss":0.67449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41121","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41121"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44666","summary":"Windows Contacts Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.57145,"ranking_epss":0.98154,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44666","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44666"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44667","summary":"Windows Media Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01685,"ranking_epss":0.82244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44667","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44667"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44668","summary":"Windows Media Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00603,"ranking_epss":0.69579,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44668","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44668"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-44670","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.0075,"ranking_epss":0.73189,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44670","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44670"],"published_time":"2022-12-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41074","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.04765,"ranking_epss":0.89468,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41074","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41074"],"published_time":"2022-12-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41076","summary":"PowerShell Remote Code Execution Vulnerability","cvss":8.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.5,"cvss_v4":null,"epss":0.34016,"ranking_epss":0.9698,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41076","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41076"],"published_time":"2022-12-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41097","summary":"Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.23122,"ranking_epss":0.95944,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41097","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41097"],"published_time":"2022-11-09T22:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41064","summary":".NET Framework Information Disclosure Vulnerability","cvss":5.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.8,"cvss_v4":null,"epss":0.00189,"ranking_epss":0.40783,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41064","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41064"],"published_time":"2022-11-09T22:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41039","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01001,"ranking_epss":0.77035,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41039","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41039"],"published_time":"2022-11-09T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41045","summary":"Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00259,"ranking_epss":0.49323,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41045","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41045"],"published_time":"2022-11-09T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41047","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.1784,"ranking_epss":0.95147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41047","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41047"],"published_time":"2022-11-09T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41048","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.1784,"ranking_epss":0.95147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41048","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41048"],"published_time":"2022-11-09T22:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37992","summary":"Windows Group Policy Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00895,"ranking_epss":0.75638,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37992","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37992"],"published_time":"2022-11-09T22:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41081","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.08417,"ranking_epss":0.92346,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41081","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41081"],"published_time":"2022-10-11T19:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38051","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02424,"ranking_epss":0.85162,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38051","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38051"],"published_time":"2022-10-11T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-41033","summary":"Windows COM+ Event System Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01723,"ranking_epss":0.8245,"kev":true,"propose_action":"Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41033","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41033","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-41033"],"published_time":"2022-10-11T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38045","summary":"Windows Server Service Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.15462,"ranking_epss":0.94668,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38045","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38045"],"published_time":"2022-10-11T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38047","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01265,"ranking_epss":0.79478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38047","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38047"],"published_time":"2022-10-11T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38042","summary":"Active Directory Domain Services Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.05778,"ranking_epss":0.90502,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38042","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38042"],"published_time":"2022-10-11T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38043","summary":"Windows Security Support Provider Interface Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0181,"ranking_epss":0.82867,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38043","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38043"],"published_time":"2022-10-11T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38044","summary":"Windows CD-ROM File System Driver Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11031,"ranking_epss":0.93458,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38044","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38044"],"published_time":"2022-10-11T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38040","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17266,"ranking_epss":0.95049,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38040","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38040"],"published_time":"2022-10-11T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38041","summary":"Windows Secure Channel Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.27321,"ranking_epss":0.96419,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38041","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38041"],"published_time":"2022-10-11T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38037","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.03021,"ranking_epss":0.86636,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38037","http://packetstormsecurity.com/files/169791/Windows-Kernel-Type-Confusion-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38037"],"published_time":"2022-10-11T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38038","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00924,"ranking_epss":0.7604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38038","http://packetstormsecurity.com/files/169805/Windows-Kernel-Long-Registry-Path-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38038"],"published_time":"2022-10-11T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38028","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04952,"ranking_epss":0.89669,"kev":true,"propose_action":"Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38028","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38028","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-38028"],"published_time":"2022-10-11T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38029","summary":"Windows ALPC Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.05875,"ranking_epss":0.90587,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38029","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38029"],"published_time":"2022-10-11T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38031","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17266,"ranking_epss":0.95049,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38031","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38031"],"published_time":"2022-10-11T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38032","summary":"Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability","cvss":6.6,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00692,"ranking_epss":0.71875,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38032","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38032"],"published_time":"2022-10-11T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38033","summary":"Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.14612,"ranking_epss":0.94493,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38033","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38033"],"published_time":"2022-10-11T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38034","summary":"Windows Workstation Service Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.1247,"ranking_epss":0.93938,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38034","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38034"],"published_time":"2022-10-11T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37997","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00547,"ranking_epss":0.67916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37997","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37997"],"published_time":"2022-10-11T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37999","summary":"Windows Group Policy Preference Client Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00547,"ranking_epss":0.67916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37999","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37999"],"published_time":"2022-10-11T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38000","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01036,"ranking_epss":0.77432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38000","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38000"],"published_time":"2022-10-11T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38022","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":3.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00594,"ranking_epss":0.69332,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38022","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38022"],"published_time":"2022-10-11T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38026","summary":"Windows DHCP Client Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00405,"ranking_epss":0.6106,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38026","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38026"],"published_time":"2022-10-11T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-38027","summary":"Windows Storage Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00313,"ranking_epss":0.54498,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38027","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-38027"],"published_time":"2022-10-11T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37982","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.12503,"ranking_epss":0.93953,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37982","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37982"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37984","summary":"Windows WLAN Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0063,"ranking_epss":0.7034,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37984","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37984"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37985","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.05274,"ranking_epss":0.90017,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37985","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37985"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37986","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00547,"ranking_epss":0.67916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37986","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37986"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37987","summary":"Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.06632,"ranking_epss":0.91216,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37987","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37987"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37988","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0118,"ranking_epss":0.78775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37988","http://packetstormsecurity.com/files/169731/Windows-Kernel-Registry-Use-After-Free.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37988"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37989","summary":"Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12029,"ranking_epss":0.93808,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37989","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37989"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37990","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00608,"ranking_epss":0.69751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37990","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37990"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37991","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0118,"ranking_epss":0.78775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37991","http://packetstormsecurity.com/files/169807/Windows-Kernel-Long-Registry-Key-Value-Out-Of-Bounds-Read.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37991"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37993","summary":"Windows Group Policy Preference Client Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00547,"ranking_epss":0.67916,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37993","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37993"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37994","summary":"Windows Group Policy Preference Client Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00713,"ranking_epss":0.72358,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37994","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37994"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37996","summary":"Windows Kernel Memory Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01319,"ranking_epss":0.79895,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37996","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37996"],"published_time":"2022-10-11T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37975","summary":"Windows Group Policy Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.21134,"ranking_epss":0.9567,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37975","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37975"],"published_time":"2022-10-11T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37977","summary":"Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.16944,"ranking_epss":0.94983,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37977","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37977"],"published_time":"2022-10-11T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37978","summary":"Windows Active Directory Certificate Services Security Feature Bypass","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.10188,"ranking_epss":0.93147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37978","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37978"],"published_time":"2022-10-11T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37981","summary":"Windows Event Logging Service Denial of Service Vulnerability","cvss":4.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":4.3,"cvss_v4":null,"epss":0.11074,"ranking_epss":0.93474,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37981","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37981"],"published_time":"2022-10-11T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22035","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01265,"ranking_epss":0.79478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22035","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22035"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24504","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01265,"ranking_epss":0.79478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24504","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-24504"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30198","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01036,"ranking_epss":0.77432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30198","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30198"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-33634","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.00692,"ranking_epss":0.71873,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33634","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33634"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-33635","summary":"Windows GDI+ Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.06886,"ranking_epss":0.91403,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33635","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33635"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-33645","summary":"Windows TCP/IP Driver Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.19014,"ranking_epss":0.95335,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33645","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-33645"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34689","summary":"Windows CryptoAPI Spoofing Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14369,"ranking_epss":0.94435,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34689","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34689"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35770","summary":"Windows NTLM Spoofing Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.5,"cvss_v4":null,"epss":0.15238,"ranking_epss":0.94628,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35770","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35770"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37965","summary":"Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability","cvss":5.9,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.9,"cvss_v4":null,"epss":0.06924,"ranking_epss":0.91432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37965","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-37965"],"published_time":"2022-10-11T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-37969","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11604,"ranking_epss":0.93674,"kev":true,"propose_action":"Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37969","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-37969"],"published_time":"2022-09-13T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35831","summary":"Windows Remote Access Connection Manager Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00646,"ranking_epss":0.70761,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35831","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35831"],"published_time":"2022-09-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35832","summary":"Windows Event Tracing Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00744,"ranking_epss":0.73066,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35832","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35832"],"published_time":"2022-09-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35835","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13911,"ranking_epss":0.94333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35835","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35835"],"published_time":"2022-09-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35836","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13911,"ranking_epss":0.94333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35836","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35836"],"published_time":"2022-09-13T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34718","summary":"Windows TCP/IP Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.85781,"ranking_epss":0.99383,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34718"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34719","summary":"Windows Distributed File System (DFS) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01109,"ranking_epss":0.78155,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34719","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34719"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34720","summary":"Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.29209,"ranking_epss":0.96602,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34720","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34720"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34721","summary":"Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.266,"ranking_epss":0.96347,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34721"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34722","summary":"Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":9.8,"cvss_v4":null,"epss":0.15561,"ranking_epss":0.94698,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34722"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34725","summary":"Windows ALPC Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0119,"ranking_epss":0.7885,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34725","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34725"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34726","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13534,"ranking_epss":0.94244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34726","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34726"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34727","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13534,"ranking_epss":0.94244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34727","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34727"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34728","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.04166,"ranking_epss":0.887,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34728","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34728"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34729","summary":"Windows GDI Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.03061,"ranking_epss":0.86732,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34729"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34730","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13534,"ranking_epss":0.94244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34730","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34730"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34731","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13911,"ranking_epss":0.94333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34731","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34731"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34732","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13534,"ranking_epss":0.94244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34732","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34732"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34733","summary":"Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13911,"ranking_epss":0.94333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34733","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34733"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34734","summary":"Microsoft ODBC Driver Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13534,"ranking_epss":0.94244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34734","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34734"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35803","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01618,"ranking_epss":0.81847,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35803"],"published_time":"2022-09-13T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26929","summary":".NET Framework Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04913,"ranking_epss":0.89625,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26929","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26929"],"published_time":"2022-09-13T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30170","summary":"Windows Credential Roaming Service Elevation of Privilege Vulnerability","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":0.02945,"ranking_epss":0.86466,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30170"],"published_time":"2022-09-13T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30200","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02026,"ranking_epss":0.83815,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30200","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30200"],"published_time":"2022-09-13T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34301","summary":"A flaw was found in CryptoPro Secure Disk bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00125,"ranking_epss":0.31684,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662","https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662"],"published_time":"2022-08-26T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34302","summary":"A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00143,"ranking_epss":0.34614,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662","https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662"],"published_time":"2022-08-26T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34303","summary":"A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media.","cvss":6.7,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.29707,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662","https://edk2-docs.gitbook.io/understanding-the-uefi-secure-boot-chain/secure_boot_chain_in_uefi/uefi_secure_boot","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01001.html","https://www.kb.cert.org/vuls/id/309662"],"published_time":"2022-08-26T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35820","summary":"Windows Bluetooth Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01071,"ranking_epss":0.77774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35820"],"published_time":"2022-08-09T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35793","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.3,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.3,"cvss_v4":null,"epss":0.06177,"ranking_epss":0.90864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35793","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35793"],"published_time":"2022-08-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35795","summary":"Windows Error Reporting Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01109,"ranking_epss":0.78155,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35795","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35795"],"published_time":"2022-08-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35767","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01202,"ranking_epss":0.78954,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35767","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35767"],"published_time":"2022-08-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35768","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00838,"ranking_epss":0.74715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35768","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35768"],"published_time":"2022-08-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35769","summary":"Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.19525,"ranking_epss":0.95417,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35769","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35769"],"published_time":"2022-08-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34706","summary":"Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02005,"ranking_epss":0.83713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34706","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34706"],"published_time":"2022-08-09T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34707","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00451,"ranking_epss":0.63741,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34707","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34707"],"published_time":"2022-08-09T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34708","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":5.5,"cvss_v4":null,"epss":0.02392,"ranking_epss":0.85055,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34708","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34708"],"published_time":"2022-08-09T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34713","summary":"Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.03259,"ranking_epss":0.87158,"kev":true,"propose_action":"A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34713","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-34713"],"published_time":"2022-08-09T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34714","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01467,"ranking_epss":0.80933,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34714","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34714"],"published_time":"2022-08-09T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-35760","summary":"Microsoft ATA Port Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01113,"ranking_epss":0.78198,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35760","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-35760"],"published_time":"2022-08-09T20:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-33670","summary":"Windows Partition Management Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00855,"ranking_epss":0.74994,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33670","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-33670"],"published_time":"2022-08-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34690","summary":"Windows Fax Service Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00864,"ranking_epss":0.75132,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34690","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34690"],"published_time":"2022-08-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34691","summary":"Active Directory Domain Services Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.8,"cvss_v4":null,"epss":0.02213,"ranking_epss":0.84485,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691"],"published_time":"2022-08-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34701","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.19525,"ranking_epss":0.95417,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34701","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34701"],"published_time":"2022-08-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-34702","summary":"Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":8.1,"cvss_v4":null,"epss":0.01071,"ranking_epss":0.77771,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34702","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34702"],"published_time":"2022-08-09T20:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30144","summary":"Windows Bluetooth Service Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01087,"ranking_epss":0.77945,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30144","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30144"],"published_time":"2022-08-09T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30194","summary":"Windows WebBrowser Control Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":null,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0233,"ranking_epss":0.84851,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30194","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30194"],"published_time":"2022-08-09T20:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30202","summary":"Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0068,"ranking_epss":0.71622,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30202","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30202"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30203","summary":"Windows Boot Manager Security Feature Bypass Vulnerability","cvss":7.4,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.4,"cvss_v4":null,"epss":0.01468,"ranking_epss":0.80942,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30203","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30203"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30205","summary":"Windows Group Policy Elevation of Privilege Vulnerability","cvss":6.6,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00729,"ranking_epss":0.72684,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30205","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30205"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30206","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.26384,"ranking_epss":0.96329,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30206","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30206"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30208","summary":"Windows Security Account Manager (SAM) Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.05642,"ranking_epss":0.90368,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30208","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30208"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30209","summary":"Windows IIS Server Elevation of Privilege Vulnerability","cvss":7.4,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":7.4,"cvss_v4":null,"epss":0.03191,"ranking_epss":0.87001,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30209","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30209"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30211","summary":"Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04084,"ranking_epss":0.88579,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30211","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30211"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30213","summary":"Windows GDI+ Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00626,"ranking_epss":0.70257,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30213","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30213"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30220","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00742,"ranking_epss":0.73022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30220","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30220"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30224","summary":"Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00489,"ranking_epss":0.65556,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30224","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30224"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30225","summary":"Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59259,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30225","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30225"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30226","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.0059,"ranking_epss":0.69234,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30226","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30226"],"published_time":"2022-07-12T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22043","summary":"Windows Fast FAT File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00553,"ranking_epss":0.68087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22043","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22043"],"published_time":"2022-07-12T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22047","summary":"Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01458,"ranking_epss":0.80868,"kev":true,"propose_action":"Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22047","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22047"],"published_time":"2022-07-12T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22048","summary":"BitLocker Security Feature Bypass Vulnerability","cvss":6.1,"cvss_version":3.0,"cvss_v2":6.6,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00854,"ranking_epss":0.74977,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22048","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22048"],"published_time":"2022-07-12T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22049","summary":"Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00708,"ranking_epss":0.72243,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22049","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22049"],"published_time":"2022-07-12T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22050","summary":"Windows Fax Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00772,"ranking_epss":0.73614,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22050","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22050"],"published_time":"2022-07-12T23:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22023","summary":"Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability","cvss":6.6,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":6.6,"cvss_v4":null,"epss":0.00278,"ranking_epss":0.51302,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22023","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22023"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22024","summary":"Windows Fax Service Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.018,"ranking_epss":0.82825,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22024","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22024"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22025","summary":"Windows Internet Information Services Cachuri Module Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.45135,"ranking_epss":0.97608,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22025","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22025"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22026","summary":"Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00547,"ranking_epss":0.67894,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22026","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22026"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22027","summary":"Windows Fax Service Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02285,"ranking_epss":0.84716,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22027","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22027"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22034","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00645,"ranking_epss":0.70746,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22034"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22036","summary":"Performance Counters for Windows Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00402,"ranking_epss":0.60864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22036","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22036"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22037","summary":"Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":8.5,"cvss_v3":7.5,"cvss_v4":null,"epss":0.08437,"ranking_epss":0.92355,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22037","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22037"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22038","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.1,"cvss_v4":null,"epss":0.05754,"ranking_epss":0.90476,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22038"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22040","summary":"Internet Information Services Dynamic Compression Module Denial of Service Vulnerability","cvss":7.3,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":7.3,"cvss_v4":null,"epss":0.02876,"ranking_epss":0.86302,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22040","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22040"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22041","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":8.5,"cvss_v3":6.8,"cvss_v4":null,"epss":0.04421,"ranking_epss":0.89045,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22041","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22041"],"published_time":"2022-07-12T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21845","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":4.7,"cvss_version":3.0,"cvss_v2":4.7,"cvss_v3":4.7,"cvss_v4":null,"epss":0.00626,"ranking_epss":0.70242,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21845","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21845"],"published_time":"2022-07-12T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22022","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00267,"ranking_epss":0.50211,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22022","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22022"],"published_time":"2022-07-12T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30151","summary":"Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0038,"ranking_epss":0.59497,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30151","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30151"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30152","summary":"Windows Network Address Translation (NAT) Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.25242,"ranking_epss":0.96204,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30152","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30152"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30153","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10873,"ranking_epss":0.93403,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30153","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30153"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30155","summary":"Windows Kernel Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.02407,"ranking_epss":0.85107,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30155","http://packetstormsecurity.com/files/167755/Windows-Kernel-nt-MiRelocateImage-Invalid-Read.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30155"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30160","summary":"Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.05423,"ranking_epss":0.90176,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30160","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30160"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30161","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10791,"ranking_epss":0.93372,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30161","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30161"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30162","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00455,"ranking_epss":0.63903,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30162","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30162"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30164","summary":"Kerberos AppContainer Security Feature Bypass Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00925,"ranking_epss":0.76057,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30164","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30164"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30166","summary":"Local Security Authority Subsystem Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.07554,"ranking_epss":0.91845,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30166","http://packetstormsecurity.com/files/167754/Windows-LSA-Service-LsapGetClientInfo-Impersonation-Level-Check-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30166"],"published_time":"2022-06-15T22:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30135","summary":"Windows Media Center Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00343,"ranking_epss":0.56968,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30135","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30135"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30140","summary":"Windows iSCSI Discovery Service Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02181,"ranking_epss":0.84376,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30140","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30140"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30141","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.1,"cvss_v4":null,"epss":0.09818,"ranking_epss":0.92982,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30141","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30141"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30142","summary":"Windows File History Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04711,"ranking_epss":0.89387,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30142","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30142"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30143","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05102,"ranking_epss":0.89846,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30143","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30143"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30146","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05102,"ranking_epss":0.89846,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30146","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30146"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30147","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01449,"ranking_epss":0.80804,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30147","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30147"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30149","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.0506,"ranking_epss":0.89798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30149","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30149"],"published_time":"2022-06-15T22:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30190","summary":"A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.\nPlease see the MSRC Blog Entry for important information about steps you can take to protect your system from this vulnerability.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.93596,"ranking_epss":0.99835,"kev":true,"propose_action":"A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.","ransomware_campaign":"Known","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190","http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-30190"],"published_time":"2022-06-01T20:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30138","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00823,"ranking_epss":0.74478,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30138","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30138"],"published_time":"2022-05-18T23:15:07","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-30130","summary":".NET Framework Denial of Service Vulnerability","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.04314,"ranking_epss":0.88912,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30130","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30130"],"published_time":"2022-05-10T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29125","summary":"Windows Push Notifications Apps Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00221,"ranking_epss":0.44753,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29125","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29125"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29126","summary":"Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00285,"ranking_epss":0.52061,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29126","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29126"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29127","summary":"BitLocker Security Feature Bypass Vulnerability","cvss":4.2,"cvss_version":3.0,"cvss_v2":1.9,"cvss_v3":4.2,"cvss_v4":null,"epss":0.00406,"ranking_epss":0.61101,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29127","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29127"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29128","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14363,"ranking_epss":0.94432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29128","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29128"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29129","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14363,"ranking_epss":0.94432,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29129","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29129"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29130","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":9.8,"cvss_v4":null,"epss":0.14207,"ranking_epss":0.94404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29130","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29130"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29131","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13231,"ranking_epss":0.94166,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29131","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29131"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29132","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00497,"ranking_epss":0.65876,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29132","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29132"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29137","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.15664,"ranking_epss":0.94717,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29137","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29137"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29139","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10873,"ranking_epss":0.93403,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29139","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29139"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29141","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10827,"ranking_epss":0.93385,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29141","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29141"],"published_time":"2022-05-10T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29103","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00327,"ranking_epss":0.55728,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29103","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29103"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29104","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01511,"ranking_epss":0.81243,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29104","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29104"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29105","summary":"Microsoft Windows Media Foundation Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02819,"ranking_epss":0.86177,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29105","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29105"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29112","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.13905,"ranking_epss":0.9433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29112","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29112"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29114","summary":"Windows Print Spooler Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00487,"ranking_epss":0.65482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29114","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29114"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29115","summary":"Windows Fax Service Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02819,"ranking_epss":0.86177,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29115","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29115"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-29121","summary":"Windows WLAN AutoConfig Service Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00427,"ranking_epss":0.62437,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-29121","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-29121"],"published_time":"2022-05-10T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26923","summary":"Active Directory Domain Services Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.91441,"ranking_epss":0.99667,"kev":true,"propose_action":"An authenticated user could manipulate attributes on computer accounts they own or manage, and acquire a certificate from Active Directory Certificate Services that would allow for privilege escalation to SYSTEM.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26923","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26923","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26923"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26925","summary":"Windows LSA Spoofing Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":8.1,"cvss_v4":null,"epss":0.37425,"ranking_epss":0.97193,"kev":true,"propose_action":"Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26925","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26925","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26925"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26926","summary":"Windows Address Book Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02005,"ranking_epss":0.83715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26926","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26926"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26930","summary":"Windows Remote Access Connection Manager Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01242,"ranking_epss":0.79281,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26930","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26930"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26931","summary":"Windows Kerberos Elevation of Privilege Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01621,"ranking_epss":0.81862,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26931","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26931"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26933","summary":"Windows NTFS Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00542,"ranking_epss":0.67732,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26933","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26933"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26934","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.17448,"ranking_epss":0.95087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26934","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26934"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26935","summary":"Windows WLAN AutoConfig Service Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":3.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.00519,"ranking_epss":0.66852,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26935","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26935"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26936","summary":"Windows Server Service Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.17959,"ranking_epss":0.95165,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26936","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26936"],"published_time":"2022-05-10T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21972","summary":"Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.1,"cvss_v4":null,"epss":0.48559,"ranking_epss":0.9776,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21972","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21972"],"published_time":"2022-05-10T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22019","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05138,"ranking_epss":0.89885,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22019","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-22019"],"published_time":"2022-05-10T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26904","summary":"Windows User Profile Service Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.21592,"ranking_epss":0.95738,"kev":true,"propose_action":"Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26904","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26904","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26904"],"published_time":"2022-04-15T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26915","summary":"Windows Secure Channel Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.17608,"ranking_epss":0.95107,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26915","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26915"],"published_time":"2022-04-15T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26916","summary":"Windows Fax Compose Form Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0124,"ranking_epss":0.79264,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26916","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26916"],"published_time":"2022-04-15T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26917","summary":"Windows Fax Compose Form Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0124,"ranking_epss":0.79264,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26917","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26917"],"published_time":"2022-04-15T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26918","summary":"Windows Fax Compose Form Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0124,"ranking_epss":0.79264,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26918","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26918"],"published_time":"2022-04-15T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26919","summary":"Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.1,"cvss_v4":null,"epss":0.04808,"ranking_epss":0.8951,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26919","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26919"],"published_time":"2022-04-15T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26827","summary":"Windows File Server Resource Management Service Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00151,"ranking_epss":0.35719,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26827","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26827"],"published_time":"2022-04-15T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26831","summary":"Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.21804,"ranking_epss":0.95766,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26831","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26831"],"published_time":"2022-04-15T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26832","summary":".NET Framework Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.22432,"ranking_epss":0.95847,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26832","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-26832"],"published_time":"2022-04-15T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26903","summary":"Windows Graphics Component Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02019,"ranking_epss":0.8379,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26903","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26903"],"published_time":"2022-04-15T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26794","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00488,"ranking_epss":0.65528,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26794","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26794"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26796","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00389,"ranking_epss":0.60025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26796","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26796"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26797","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00488,"ranking_epss":0.65528,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26797","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26797"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26798","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0059,"ranking_epss":0.6922,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26798","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26798"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26801","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00382,"ranking_epss":0.59604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26801","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26801"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26802","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00382,"ranking_epss":0.59604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26802","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26802"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26803","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00583,"ranking_epss":0.69039,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26803","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26803"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26807","summary":"Windows Work Folder Service Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00153,"ranking_epss":0.36015,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26807","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26807"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26808","summary":"Windows File Explorer Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00112,"ranking_epss":0.29673,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26808","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26808"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26809","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":10.0,"cvss_v3":9.8,"cvss_v4":null,"epss":0.92562,"ranking_epss":0.99742,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26810","summary":"Windows File Server Resource Management Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00321,"ranking_epss":0.55161,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26810","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26810"],"published_time":"2022-04-15T19:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24547","summary":"Windows Digital Media Receiver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0182,"ranking_epss":0.82903,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24547","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24547"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24550","summary":"Windows Telephony Server Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00432,"ranking_epss":0.6268,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24550","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24550"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26786","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00417,"ranking_epss":0.61816,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26786","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26786"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26787","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00382,"ranking_epss":0.59604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26787","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26787"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26788","summary":"PowerShell Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00378,"ranking_epss":0.59373,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26788","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26788"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26790","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00497,"ranking_epss":0.65909,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26790","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26790"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-26792","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00382,"ranking_epss":0.59604,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26792","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26792"],"published_time":"2022-04-15T19:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24500","summary":"Windows SMB Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.44661,"ranking_epss":0.97583,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24500","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24500"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24521","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.08231,"ranking_epss":0.92231,"kev":true,"propose_action":"Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Known","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24521","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24521","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-24521"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24528","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.04978,"ranking_epss":0.89707,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24528","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24528"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24530","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00321,"ranking_epss":0.55161,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24530","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24530"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24533","summary":"Remote Desktop Protocol Remote Code Execution Vulnerability","cvss":8.0,"cvss_version":3.0,"cvss_v2":8.5,"cvss_v3":8.0,"cvss_v4":null,"epss":0.08763,"ranking_epss":0.92522,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24533","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24533"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24534","summary":"Win32 Stream Enumeration Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04733,"ranking_epss":0.89417,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24534","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24534"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24540","summary":"Windows ALPC Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0011,"ranking_epss":0.29405,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24540","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24540"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24541","summary":"Windows Server Service Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.08721,"ranking_epss":0.92505,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24541","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24541"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24542","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01321,"ranking_epss":0.79906,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24542","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24542"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24544","summary":"Windows Kerberos Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0025,"ranking_epss":0.48448,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24544","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24544"],"published_time":"2022-04-15T19:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24481","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.43992,"ranking_epss":0.97549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24481","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24481"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24483","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.05889,"ranking_epss":0.906,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24483","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24483"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24485","summary":"Win32 File Enumeration Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.06152,"ranking_epss":0.90845,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24485","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24485"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24491","summary":"Windows Network File System Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.37582,"ranking_epss":0.97204,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24491","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24491"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24492","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.07634,"ranking_epss":0.91892,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24492","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24492"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24493","summary":"Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00662,"ranking_epss":0.71202,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24493","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24493"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24494","summary":"Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.16754,"ranking_epss":0.94959,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24494","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24494"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24497","summary":"Windows Network File System Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.37582,"ranking_epss":0.97204,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24497","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24497"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24498","summary":"Windows iSCSI Target Service Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.15947,"ranking_epss":0.94774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24498","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24498"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24499","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00254,"ranking_epss":0.48766,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24499","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24499"],"published_time":"2022-04-15T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21983","summary":"Win32 Stream Enumeration Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04733,"ranking_epss":0.89417,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21983","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21983"],"published_time":"2022-04-15T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24474","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00337,"ranking_epss":0.56587,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24474","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24474"],"published_time":"2022-04-15T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24503","summary":"Remote Desktop Protocol Client Information Disclosure Vulnerability","cvss":5.4,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.4,"cvss_v4":null,"epss":0.01976,"ranking_epss":0.83594,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24503","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24503"],"published_time":"2022-03-09T17:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24502","summary":"Windows HTML Platforms Security Feature Bypass Vulnerability","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.3,"cvss_v4":null,"epss":0.02844,"ranking_epss":0.86237,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24502","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24502"],"published_time":"2022-03-09T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24454","summary":"Windows Security Support Provider Interface Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0023,"ranking_epss":0.45839,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24454","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24454"],"published_time":"2022-03-09T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24455","summary":"Windows CD-ROM Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00395,"ranking_epss":0.60392,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24455","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24455"],"published_time":"2022-03-09T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-24459","summary":"Windows Fax and Scan Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0023,"ranking_epss":0.45839,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24459","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24459"],"published_time":"2022-03-09T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23290","summary":"Windows Inking COM Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0023,"ranking_epss":0.45839,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23290","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23290"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23293","summary":"Windows Fast FAT File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00266,"ranking_epss":0.50092,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23293","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23293"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23294","summary":"Windows Event Tracing Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.07756,"ranking_epss":0.91962,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23294","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23294"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23296","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00542,"ranking_epss":0.67754,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23296","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23296"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23297","summary":"Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00495,"ranking_epss":0.65807,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23297","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23297"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23298","summary":"Windows NT OS Kernel Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0036,"ranking_epss":0.5821,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23298","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23298"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23299","summary":"Windows PDEV Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00555,"ranking_epss":0.6816,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23299","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23299"],"published_time":"2022-03-09T17:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23281","summary":"Windows Common Log File System Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00533,"ranking_epss":0.67426,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23281","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23281"],"published_time":"2022-03-09T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23283","summary":"Windows ALPC Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00141,"ranking_epss":0.34382,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23283","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23283"],"published_time":"2022-03-09T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23284","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.2,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":7.2,"cvss_v4":null,"epss":0.09515,"ranking_epss":0.9285,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23284","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23284"],"published_time":"2022-03-09T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23285","summary":"Remote Desktop Client Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.16826,"ranking_epss":0.94966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23285","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23285"],"published_time":"2022-03-09T17:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21973","summary":"Windows Media Center Update Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0019,"ranking_epss":0.40848,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21973","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21973"],"published_time":"2022-03-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21977","summary":"Media Foundation Information Disclosure Vulnerability","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":3.3,"cvss_v4":null,"epss":0.0102,"ranking_epss":0.77266,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21977","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21977"],"published_time":"2022-03-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21990","summary":"Remote Desktop Client Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14305,"ranking_epss":0.94423,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21990"],"published_time":"2022-03-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22010","summary":"Media Foundation Information Disclosure Vulnerability","cvss":4.4,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.4,"cvss_v4":null,"epss":0.01314,"ranking_epss":0.79856,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22010","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22010"],"published_time":"2022-03-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-23253","summary":"Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.30215,"ranking_epss":0.96689,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23253","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23253"],"published_time":"2022-03-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22710","summary":"Windows Common Log File System Driver Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00383,"ranking_epss":0.59654,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22710","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22710"],"published_time":"2022-02-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22717","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00426,"ranking_epss":0.62336,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22717","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22717"],"published_time":"2022-02-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22718","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.07718,"ranking_epss":0.91944,"kev":true,"propose_action":"Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22718","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22718","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-22718"],"published_time":"2022-02-09T17:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21989","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01602,"ranking_epss":0.81743,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21989","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21989"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21993","summary":"Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.23968,"ranking_epss":0.96045,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21993","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21993"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21997","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00295,"ranking_epss":0.52888,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21997","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21997"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21998","summary":"Windows Common Log File System Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00406,"ranking_epss":0.61127,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21998","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21998"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21999","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.71335,"ranking_epss":0.98723,"kev":true,"propose_action":"Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.","ransomware_campaign":"Known","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21999","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21999","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-21999"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22000","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00523,"ranking_epss":0.66952,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22000","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22000"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22001","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00389,"ranking_epss":0.60039,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22001","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22001"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-22002","summary":"Windows User Account Profile Picture Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00273,"ranking_epss":0.50771,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22002","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-22002"],"published_time":"2022-02-09T17:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21981","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00453,"ranking_epss":0.63798,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21981","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21981"],"published_time":"2022-02-09T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21985","summary":"Windows Remote Access Connection Manager Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00296,"ranking_epss":0.53005,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21985","https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21985"],"published_time":"2022-02-09T17:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21958","summary":"Windows Resilient File System (ReFS) Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.01417,"ranking_epss":0.80596,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21958","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21958"],"published_time":"2022-01-11T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21959","summary":"Windows Resilient File System (ReFS) Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.01417,"ranking_epss":0.80596,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21959","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21959"],"published_time":"2022-01-11T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21960","summary":"Windows Resilient File System (ReFS) Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.01417,"ranking_epss":0.80596,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21960","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21960"],"published_time":"2022-01-11T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21961","summary":"Windows Resilient File System (ReFS) Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.01417,"ranking_epss":0.80596,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21961","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21961"],"published_time":"2022-01-11T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21962","summary":"Windows Resilient File System (ReFS) Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.01417,"ranking_epss":0.80596,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21962","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21962"],"published_time":"2022-01-11T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21963","summary":"Windows Resilient File System (ReFS) Remote Code Execution Vulnerability","cvss":6.4,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.4,"cvss_v4":null,"epss":0.01714,"ranking_epss":0.82388,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21963","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21963"],"published_time":"2022-01-11T21:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21913","summary":"Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass","cvss":5.3,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":5.3,"cvss_v4":null,"epss":0.01265,"ranking_epss":0.79481,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21913","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21913"],"published_time":"2022-01-11T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21914","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01663,"ranking_epss":0.82113,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21914","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21914"],"published_time":"2022-01-11T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21915","summary":"Windows GDI+ Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.13035,"ranking_epss":0.94111,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21915","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21915"],"published_time":"2022-01-11T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21919","summary":"Windows User Profile Service Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.9,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00309,"ranking_epss":0.54143,"kev":true,"propose_action":"Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21919","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21919","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-21919"],"published_time":"2022-01-11T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21920","summary":"Windows Kerberos Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.08741,"ranking_epss":0.92514,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21920","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21920"],"published_time":"2022-01-11T21:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21897","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00371,"ranking_epss":0.58978,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21897","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21897"],"published_time":"2022-01-11T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21899","summary":"Windows Extensible Firmware Interface Security Feature Bypass Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00278,"ranking_epss":0.51248,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21899","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21899","https://www.zerodayinitiative.com/advisories/ZDI-22-052/"],"published_time":"2022-01-11T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21903","summary":"Windows GDI Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00303,"ranking_epss":0.53647,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21903","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21903"],"published_time":"2022-01-11T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21904","summary":"Windows GDI Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.18581,"ranking_epss":0.9527,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21904","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21904"],"published_time":"2022-01-11T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21908","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00359,"ranking_epss":0.58107,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21908","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21908"],"published_time":"2022-01-11T21:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21880","summary":"Windows GDI+ Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.19536,"ranking_epss":0.95418,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21880","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21880"],"published_time":"2022-01-11T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21883","summary":"Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.07283,"ranking_epss":0.91678,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21883","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21883"],"published_time":"2022-01-11T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21885","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00289,"ranking_epss":0.52388,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21885","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21885"],"published_time":"2022-01-11T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21889","summary":"Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.5,"cvss_v4":null,"epss":0.15188,"ranking_epss":0.94618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21889","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21889"],"published_time":"2022-01-11T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21890","summary":"Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.5,"cvss_v4":null,"epss":0.15188,"ranking_epss":0.94618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21890","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21890"],"published_time":"2022-01-11T21:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2022-21870","summary":"Tablet Windows User Interface Application Core Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00394,"ranking_epss":0.60348,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21870","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21870"],"published_time":"2022-01-11T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43883","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.09119,"ranking_epss":0.92684,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43883","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43883"],"published_time":"2021-12-15T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43893","summary":"Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.06763,"ranking_epss":0.91323,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/165560/Microsoft-Windows-EFSRPC-Arbitrary-File-Upload-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43893","http://packetstormsecurity.com/files/165560/Microsoft-Windows-EFSRPC-Arbitrary-File-Upload-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43893"],"published_time":"2021-12-15T15:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43233","summary":"Remote Desktop Client Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01984,"ranking_epss":0.83625,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43233","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43233"],"published_time":"2021-12-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43234","summary":"Windows Fax Service Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00817,"ranking_epss":0.7438,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43234","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43234"],"published_time":"2021-12-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43236","summary":"Microsoft Message Queuing Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14127,"ranking_epss":0.94385,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43236","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43236"],"published_time":"2021-12-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43238","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0042,"ranking_epss":0.61966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43238","https://www.zerodayinitiative.com/advisories/ZDI-22-019/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43238","https://www.zerodayinitiative.com/advisories/ZDI-22-019/"],"published_time":"2021-12-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43245","summary":"Windows Digital TV Tuner Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00192,"ranking_epss":0.41102,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43245","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43245"],"published_time":"2021-12-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43248","summary":"Windows Digital Media Receiver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.4963,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43248","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43248"],"published_time":"2021-12-15T15:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43207","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00319,"ranking_epss":0.54946,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43207","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43207"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43215","summary":"iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution","cvss":9.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":9.8,"cvss_v4":null,"epss":0.03413,"ranking_epss":0.87457,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43215","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43215"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43216","summary":"Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.5,"cvss_v4":null,"epss":0.18233,"ranking_epss":0.95212,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43216","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43216"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43217","summary":"Windows Encrypting File System (EFS) Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.23665,"ranking_epss":0.96009,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43217","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43217"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43222","summary":"Microsoft Message Queuing Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14127,"ranking_epss":0.94385,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43222","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43222"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43223","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.4963,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43223","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43223"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43224","summary":"Windows Common Log File System Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.12746,"ranking_epss":0.94022,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43224","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43224"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43226","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.08393,"ranking_epss":0.92332,"kev":true,"propose_action":"Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43226","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43226","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-43226"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43229","summary":"Windows NTFS Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11892,"ranking_epss":0.93768,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43229","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43229"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43230","summary":"Windows NTFS Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00734,"ranking_epss":0.72802,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43230","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43230"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-43232","summary":"Windows Event Tracing Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02803,"ranking_epss":0.86142,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43232","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43232"],"published_time":"2021-12-15T15:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40441","summary":"Windows Media Center Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00338,"ranking_epss":0.56653,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40441","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40441"],"published_time":"2021-12-15T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41333","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00653,"ranking_epss":0.70954,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41333","https://www.zerodayinitiative.com/advisories/ZDI-21-1552/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41333","https://www.zerodayinitiative.com/advisories/ZDI-21-1552/"],"published_time":"2021-12-15T15:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42283","summary":"NTFS Elevation of Privilege Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":8.8,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42283","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42283"],"published_time":"2021-11-10T01:19:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42285","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00256,"ranking_epss":0.49012,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42285","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42285"],"published_time":"2021-11-10T01:19:45","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-42275","summary":"Microsoft COM for Windows Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.03811,"ranking_epss":0.88117,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42275","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42275"],"published_time":"2021-11-10T01:19:43","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41379","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01159,"ranking_epss":0.78604,"kev":true,"propose_action":"Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Known","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41379","https://www.zerodayinitiative.com/advisories/ZDI-21-1308/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41379","https://www.zerodayinitiative.com/advisories/ZDI-21-1308/","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-41379"],"published_time":"2021-11-10T01:19:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41377","summary":"Windows Fast FAT File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00318,"ranking_epss":0.54864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41377","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41377"],"published_time":"2021-11-10T01:19:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41370","summary":"NTFS Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41370","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41370"],"published_time":"2021-11-10T01:19:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41371","summary":"Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability","cvss":4.4,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00584,"ranking_epss":0.69057,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41371","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41371"],"published_time":"2021-11-10T01:19:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41366","summary":"Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00171,"ranking_epss":0.38321,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41366","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41366"],"published_time":"2021-11-10T01:19:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41367","summary":"NTFS Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00356,"ranking_epss":0.57946,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41367","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41367"],"published_time":"2021-11-10T01:19:29","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38665","summary":"Remote Desktop Protocol Client Information Disclosure Vulnerability","cvss":7.4,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.4,"cvss_v4":null,"epss":0.06223,"ranking_epss":0.90907,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38665","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38665"],"published_time":"2021-11-10T01:18:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38666","summary":"Remote Desktop Client Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.31882,"ranking_epss":0.96819,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38666","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38666"],"published_time":"2021-11-10T01:18:35","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38631","summary":"Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability","cvss":4.4,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00579,"ranking_epss":0.68906,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38631","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38631"],"published_time":"2021-11-10T01:18:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41340","summary":"Windows Graphics Component Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.05174,"ranking_epss":0.89921,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41340","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41340"],"published_time":"2021-10-13T01:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41342","summary":"Windows MSHTML Platform Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.8,"cvss_v4":null,"epss":0.02445,"ranking_epss":0.8521,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41342"],"published_time":"2021-10-13T01:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41343","summary":"Windows Fast FAT File System Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00427,"ranking_epss":0.62346,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41343","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41343"],"published_time":"2021-10-13T01:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41345","summary":"Storage Spaces Controller Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00436,"ranking_epss":0.63042,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345","https://www.zerodayinitiative.com/advisories/ZDI-21-1154/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41345","https://www.zerodayinitiative.com/advisories/ZDI-21-1154/"],"published_time":"2021-10-13T01:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40488","summary":"Storage Spaces Controller Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00342,"ranking_epss":0.56932,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40488","https://www.zerodayinitiative.com/advisories/ZDI-21-1153/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40488","https://www.zerodayinitiative.com/advisories/ZDI-21-1153/"],"published_time":"2021-10-13T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40489","summary":"Storage Spaces Controller Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00297,"ranking_epss":0.5309,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40489","https://www.zerodayinitiative.com/advisories/ZDI-21-1156/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40489","https://www.zerodayinitiative.com/advisories/ZDI-21-1156/"],"published_time":"2021-10-13T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41331","summary":"Windows Media Audio Decoder Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.05174,"ranking_epss":0.89921,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41331","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41331"],"published_time":"2021-10-13T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41332","summary":"Windows Print Spooler Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.213,"ranking_epss":0.95698,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41332","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41332"],"published_time":"2021-10-13T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-41335","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00322,"ranking_epss":0.55318,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41335","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41335"],"published_time":"2021-10-13T01:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40476","summary":"Windows AppContainer Elevation Of Privilege Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.00441,"ranking_epss":0.6327,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/164942/Microsoft-Windows-WSAQuerySocketSecurity-AppContainer-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40476","http://packetstormsecurity.com/files/164942/Microsoft-Windows-WSAQuerySocketSecurity-AppContainer-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40476"],"published_time":"2021-10-13T01:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40477","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00289,"ranking_epss":0.52439,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40477","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40477"],"published_time":"2021-10-13T01:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40478","summary":"Storage Spaces Controller Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00342,"ranking_epss":0.56932,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40478","https://www.zerodayinitiative.com/advisories/ZDI-21-1155/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40478","https://www.zerodayinitiative.com/advisories/ZDI-21-1155/"],"published_time":"2021-10-13T01:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40463","summary":"Windows Network Address Translation (NAT) Denial of Service Vulnerability","cvss":7.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":7.7,"cvss_v4":null,"epss":0.09125,"ranking_epss":0.92687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40463","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40463"],"published_time":"2021-10-13T01:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40465","summary":"Windows Text Shaping Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.03657,"ranking_epss":0.87892,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40465","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40465"],"published_time":"2021-10-13T01:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40466","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00312,"ranking_epss":0.54433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40466","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40466"],"published_time":"2021-10-13T01:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40467","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00414,"ranking_epss":0.61592,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40467","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40467"],"published_time":"2021-10-13T01:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26441","summary":"Storage Spaces Controller Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00231,"ranking_epss":0.45976,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26441","https://www.zerodayinitiative.com/advisories/ZDI-21-1157/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26441","https://www.zerodayinitiative.com/advisories/ZDI-21-1157/"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26442","summary":"Windows HTTP.sys Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00253,"ranking_epss":0.48632,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26442","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26442"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36953","summary":"Windows TCP/IP Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.12101,"ranking_epss":0.93825,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36953","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36953"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36970","summary":"Windows Print Spooler Spoofing Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14902,"ranking_epss":0.94559,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36970","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36970"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38662","summary":"Windows Fast FAT File System Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00578,"ranking_epss":0.68876,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38662","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38662"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38663","summary":"Windows exFAT File System Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00422,"ranking_epss":0.6211,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38663","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38663"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40443","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00312,"ranking_epss":0.54433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40443","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40443"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40449","summary":"Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.91732,"ranking_epss":0.99686,"kev":true,"propose_action":"Unspecified vulnerability allows for an authenticated user to escalate privileges.","ransomware_campaign":"Known","references":["http://packetstormsecurity.com/files/164926/Win32k-NtGdiResetDC-Use-After-Free-Local-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449","http://packetstormsecurity.com/files/164926/Win32k-NtGdiResetDC-Use-After-Free-Local-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40449","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-40449"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40454","summary":"Rich Text Edit Control Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00113,"ranking_epss":0.29879,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40454"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40455","summary":"Windows Installer Spoofing Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00593,"ranking_epss":0.69311,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40455","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40455"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40460","summary":"Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.01755,"ranking_epss":0.82618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40460","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40460"],"published_time":"2021-10-13T01:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38671","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00464,"ranking_epss":0.64365,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38671","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38671"],"published_time":"2021-09-15T12:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40444","summary":"<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p>\n<p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p>\n<p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p>\n<p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p>\n<p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p>\n<p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p>\n","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.94332,"ranking_epss":0.99954,"kev":true,"propose_action":"Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.","ransomware_campaign":"Known","references":["http://packetstormsecurity.com/files/164210/Microsoft-Windows-MSHTML-Overview.html","http://packetstormsecurity.com/files/165214/Microsoft-Office-Word-MSHTML-Remote-Code-Execution.html","http://packetstormsecurity.com/files/167317/Microsoft-Office-MSDT-Follina-Proof-Of-Concept.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40444","http://packetstormsecurity.com/files/164210/Microsoft-Windows-MSHTML-Overview.html","http://packetstormsecurity.com/files/165214/Microsoft-Office-Word-MSHTML-Remote-Code-Execution.html","http://packetstormsecurity.com/files/167317/Microsoft-Office-MSDT-Follina-Proof-Of-Concept.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40444","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-40444"],"published_time":"2021-09-15T12:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-40447","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00286,"ranking_epss":0.52106,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40447","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40447"],"published_time":"2021-09-15T12:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38667","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00464,"ranking_epss":0.64365,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38667","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38667"],"published_time":"2021-09-15T12:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38628","summary":"Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00318,"ranking_epss":0.54864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38628","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38628"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38629","summary":"Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.22203,"ranking_epss":0.95818,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38629","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38629"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38630","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38630","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38630"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38633","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00459,"ranking_epss":0.64087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38633","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38633"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38635","summary":"Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00605,"ranking_epss":0.69644,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38635","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38635"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38636","summary":"Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00605,"ranking_epss":0.69644,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38636","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38636"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38638","summary":"Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00356,"ranking_epss":0.57946,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38638","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38638"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-38639","summary":"Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00759,"ranking_epss":0.73365,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38639","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-38639"],"published_time":"2021-09-15T12:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36955","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.2064,"ranking_epss":0.95598,"kev":true,"propose_action":"Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Known","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36955","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36955","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-36955"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36959","summary":"Windows Authenticode Spoofing Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.02523,"ranking_epss":0.85451,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36959","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36959"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36960","summary":"Windows SMB Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.16964,"ranking_epss":0.94986,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36960","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36960"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36961","summary":"Windows Installer Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00227,"ranking_epss":0.45567,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36961","https://www.zerodayinitiative.com/advisories/ZDI-21-1078/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36961","https://www.zerodayinitiative.com/advisories/ZDI-21-1078/"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36962","summary":"Windows Installer Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00391,"ranking_epss":0.60202,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36962","https://www.zerodayinitiative.com/advisories/ZDI-21-1103/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36962","https://www.zerodayinitiative.com/advisories/ZDI-21-1103/"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36963","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0043,"ranking_epss":0.62608,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36963","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36963"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36964","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00234,"ranking_epss":0.463,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36964","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36964"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36965","summary":"Windows WLAN AutoConfig Service Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.02964,"ranking_epss":0.86511,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36965","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36965"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36969","summary":"Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00427,"ranking_epss":0.62346,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36969","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36969"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36972","summary":"Windows SMB Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00347,"ranking_epss":0.57348,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36972","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36972"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36974","summary":"Windows SMB Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0016,"ranking_epss":0.3685,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36974","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36974"],"published_time":"2021-09-15T12:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26435","summary":"Windows Scripting Engine Memory Corruption Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.1,"cvss_v4":null,"epss":0.07765,"ranking_epss":0.91968,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26435","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26435"],"published_time":"2021-09-15T12:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36947","summary":"Windows Print Spooler Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.09387,"ranking_epss":0.92794,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36947","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36947"],"published_time":"2021-08-12T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34480","summary":"Scripting Engine Memory Corruption Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.8,"cvss_v4":null,"epss":0.03053,"ranking_epss":0.86719,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/164121/Internet-Explorer-JIT-Optimization-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34480","http://packetstormsecurity.com/files/164121/Internet-Explorer-JIT-Optimization-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34480"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34483","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00445,"ranking_epss":0.63452,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34483","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34483"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34484","summary":"Windows User Profile Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02767,"ranking_epss":0.86053,"kev":true,"propose_action":"Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34484","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34484","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-34484"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34533","summary":"Windows Graphics Component Font Parsing Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01106,"ranking_epss":0.78132,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34533","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34533"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34535","summary":"Remote Desktop Client Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.04763,"ranking_epss":0.89467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34535","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34535"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34537","summary":"Windows Bluetooth Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":5.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00243,"ranking_epss":0.47634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34537","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34537"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36926","summary":"Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14576,"ranking_epss":0.94486,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36926","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36926"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36927","summary":"Windows Digital TV Tuner device registration application Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00225,"ranking_epss":0.45263,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36927","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36927"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36932","summary":"Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.19424,"ranking_epss":0.95396,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36932","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36932"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36933","summary":"Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14576,"ranking_epss":0.94486,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36933","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36933"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36936","summary":"Windows Print Spooler Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.07327,"ranking_epss":0.91707,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36936","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36936"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-36937","summary":"Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01106,"ranking_epss":0.78132,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36937","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36937"],"published_time":"2021-08-12T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26424","summary":"Windows TCP/IP Remote Code Execution Vulnerability","cvss":9.9,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":9.9,"cvss_v4":null,"epss":0.1053,"ranking_epss":0.93285,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26424","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26424"],"published_time":"2021-08-12T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26425","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00206,"ranking_epss":0.42921,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26425","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26425"],"published_time":"2021-08-12T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26426","summary":"Windows User Account Profile Picture Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00572,"ranking_epss":0.68703,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26426","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26426"],"published_time":"2021-08-12T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26432","summary":"Windows Services for NFS ONCRPC XDR Driver Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.10285,"ranking_epss":0.93187,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26432","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26432"],"published_time":"2021-08-12T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26433","summary":"Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.17064,"ranking_epss":0.95006,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26433","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26433"],"published_time":"2021-08-12T18:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34481","summary":"<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p><strong>UPDATE</strong> August 10, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. This security update changes the Point and Print default behavior; please see <a href=\"https://support.microsoft.com/help/5005652\">KB5005652</a>.</p>","cvss":8.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.21996,"ranking_epss":0.95789,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34481","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34481"],"published_time":"2021-07-16T21:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34440","summary":"GDI+ Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00423,"ranking_epss":0.62151,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34440","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34440"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34441","summary":"Microsoft Windows Media Foundation Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.03975,"ranking_epss":0.88404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34441","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34441"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34446","summary":"Windows HTML Platforms Security Feature Bypass Vulnerability","cvss":8.0,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.0,"cvss_v4":null,"epss":0.029,"ranking_epss":0.86372,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34446","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34446"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34447","summary":"Windows MSHTML Platform Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.8,"cvss_v4":null,"epss":0.05707,"ranking_epss":0.90436,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34447","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34447"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34448","summary":"Scripting Engine Memory Corruption Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":6.8,"cvss_v4":null,"epss":0.02032,"ranking_epss":0.8384,"kev":true,"propose_action":"Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34448","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34448","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-34448"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34454","summary":"Windows Remote Access Connection Manager Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00442,"ranking_epss":0.63331,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34454","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34454"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34455","summary":"Windows File History Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00169,"ranking_epss":0.3808,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34455","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34455"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34456","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00352,"ranking_epss":0.57656,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34456","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34456"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34457","summary":"Windows Remote Access Connection Manager Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00533,"ranking_epss":0.67424,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34457","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34457"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34459","summary":"Windows AppContainer Elevation Of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00314,"ranking_epss":0.54563,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34459","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34459"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34460","summary":"Storage Spaces Controller Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00326,"ranking_epss":0.55665,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34460","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34460"],"published_time":"2021-07-16T21:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34514","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00407,"ranking_epss":0.61174,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34514","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34514"],"published_time":"2021-07-14T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34516","summary":"Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01939,"ranking_epss":0.83458,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34516","https://www.zerodayinitiative.com/advisories/ZDI-21-1004/","https://www.zerodayinitiative.com/advisories/ZDI-21-1005/","https://www.zerodayinitiative.com/advisories/ZDI-21-1006/","https://www.zerodayinitiative.com/advisories/ZDI-21-1007/","https://www.zerodayinitiative.com/advisories/ZDI-21-1008/","https://www.zerodayinitiative.com/advisories/ZDI-21-1009/","https://www.zerodayinitiative.com/advisories/ZDI-21-1010/","https://www.zerodayinitiative.com/advisories/ZDI-21-1011/","https://www.zerodayinitiative.com/advisories/ZDI-21-1012/","https://www.zerodayinitiative.com/advisories/ZDI-21-1013/","https://www.zerodayinitiative.com/advisories/ZDI-21-1014/","https://www.zerodayinitiative.com/advisories/ZDI-21-1015/","https://www.zerodayinitiative.com/advisories/ZDI-21-1016/","https://www.zerodayinitiative.com/advisories/ZDI-21-1017/","https://www.zerodayinitiative.com/advisories/ZDI-21-1018/","https://www.zerodayinitiative.com/advisories/ZDI-21-1019/","https://www.zerodayinitiative.com/advisories/ZDI-21-1020/","https://www.zerodayinitiative.com/advisories/ZDI-21-1021/","https://www.zerodayinitiative.com/advisories/ZDI-21-1022/","https://www.zerodayinitiative.com/advisories/ZDI-21-895/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34516","https://www.zerodayinitiative.com/advisories/ZDI-21-1004/","https://www.zerodayinitiative.com/advisories/ZDI-21-1005/","https://www.zerodayinitiative.com/advisories/ZDI-21-1006/","https://www.zerodayinitiative.com/advisories/ZDI-21-1007/","https://www.zerodayinitiative.com/advisories/ZDI-21-1008/","https://www.zerodayinitiative.com/advisories/ZDI-21-1009/","https://www.zerodayinitiative.com/advisories/ZDI-21-1010/","https://www.zerodayinitiative.com/advisories/ZDI-21-1011/","https://www.zerodayinitiative.com/advisories/ZDI-21-1012/","https://www.zerodayinitiative.com/advisories/ZDI-21-1013/","https://www.zerodayinitiative.com/advisories/ZDI-21-1014/","https://www.zerodayinitiative.com/advisories/ZDI-21-1015/","https://www.zerodayinitiative.com/advisories/ZDI-21-1016/","https://www.zerodayinitiative.com/advisories/ZDI-21-1017/","https://www.zerodayinitiative.com/advisories/ZDI-21-1018/","https://www.zerodayinitiative.com/advisories/ZDI-21-1019/","https://www.zerodayinitiative.com/advisories/ZDI-21-1020/","https://www.zerodayinitiative.com/advisories/ZDI-21-1021/","https://www.zerodayinitiative.com/advisories/ZDI-21-1022/","https://www.zerodayinitiative.com/advisories/ZDI-21-895/"],"published_time":"2021-07-14T18:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34491","summary":"Win32k Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00408,"ranking_epss":0.61244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34491","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34491"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34492","summary":"Windows Certificate Spoofing Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":8.1,"cvss_v4":null,"epss":0.05041,"ranking_epss":0.89774,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34492","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34492"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34497","summary":"Windows MSHTML Platform Remote Code Execution Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.8,"cvss_v4":null,"epss":0.05974,"ranking_epss":0.90678,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34497","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34497"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34498","summary":"Windows GDI Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00237,"ranking_epss":0.46808,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34498","https://www.zerodayinitiative.com/advisories/ZDI-21-825/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34498","https://www.zerodayinitiative.com/advisories/ZDI-21-825/"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34500","summary":"Windows Kernel Memory Information Disclosure Vulnerability","cvss":6.3,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.3,"cvss_v4":null,"epss":0.03582,"ranking_epss":0.87758,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34500","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34500"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34504","summary":"Windows Address Book Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.05258,"ranking_epss":0.90004,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34504","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34504"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34507","summary":"Windows Remote Assistance Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.21984,"ranking_epss":0.95787,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34507","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34507"],"published_time":"2021-07-14T18:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33756","summary":"Windows DNS Snap-in Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.04563,"ranking_epss":0.89215,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33756","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33756"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33757","summary":"Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability","cvss":5.3,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":5.3,"cvss_v4":null,"epss":0.05409,"ranking_epss":0.90157,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33757","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33757"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33761","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00284,"ranking_epss":0.51811,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33761","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33761"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33763","summary":"Windows Remote Access Connection Manager Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00362,"ranking_epss":0.58348,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33763","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33763"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33765","summary":"Windows Installer Spoofing Vulnerability","cvss":6.2,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00457,"ranking_epss":0.63966,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33765","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33765"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33771","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.06648,"ranking_epss":0.91229,"kev":true,"propose_action":"Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33771","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33771","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-33771"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33773","summary":"Windows Remote Access Connection Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00251,"ranking_epss":0.48484,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33773","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33773"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33782","summary":"Windows Authenticode Spoofing Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.06434,"ranking_epss":0.91084,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33782","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33782"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33783","summary":"Windows SMB Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.20381,"ranking_epss":0.95551,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33783","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33783"],"published_time":"2021-07-14T18:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31183","summary":"Windows TCP/IP Driver Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.22628,"ranking_epss":0.9587,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31183","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31183"],"published_time":"2021-07-14T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31979","summary":"Windows Kernel Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.105,"ranking_epss":0.93274,"kev":true,"propose_action":"Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31979","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31979","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31979"],"published_time":"2021-07-14T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33749","summary":"Windows DNS Snap-in Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.12763,"ranking_epss":0.94026,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33749","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33749"],"published_time":"2021-07-14T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33750","summary":"Windows DNS Snap-in Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05373,"ranking_epss":0.90114,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33750","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33750"],"published_time":"2021-07-14T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33752","summary":"Windows DNS Snap-in Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05373,"ranking_epss":0.90114,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33752","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33752"],"published_time":"2021-07-14T18:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-34527","summary":"<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.</p>\n<p>In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (<strong>Note</strong>: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):</p>\n<ul>\n<li>HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows NT\\Printers\\PointAndPrint</li>\n<li>NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)</li>\n<li>UpdatePromptSettings = 0 (DWORD) or not defined (default setting)</li>\n</ul>\n<p><strong>Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design.</strong></p>\n<p>UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also <a href=\"https://support.microsoft.com/topic/31b91c02-05bc-4ada-a7ea-183b129578a7\">KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates</a>.</p>\n<p>Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.</p>\n","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.9424,"ranking_epss":0.99928,"kev":true,"propose_action":"Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.","ransomware_campaign":"Known","references":["http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527","http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34527","https://www.kb.cert.org/vuls/id/383432","https://www.vicarius.io/vsociety/posts/cve-2021-34527-printnightmare-detection-script","https://www.vicarius.io/vsociety/posts/cve-2021-34527-printnightmare-mitigation-script","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-34527"],"published_time":"2021-07-02T22:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31968","summary":"Windows Remote Desktop Services Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.27537,"ranking_epss":0.96439,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31968","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31968"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31970","summary":"Windows TCP/IP Driver Security Feature Bypass Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00801,"ranking_epss":0.74121,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/163256/Microsoft-Windows-Filtering-Platform-Token-Access-Check-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31970","http://packetstormsecurity.com/files/163256/Microsoft-Windows-Filtering-Platform-Token-Access-Check-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31970"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31971","summary":"Windows HTML Platforms Security Feature Bypass Vulnerability","cvss":6.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.8,"cvss_v4":null,"epss":0.05707,"ranking_epss":0.90436,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31971","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31971"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31972","summary":"Event Tracing for Windows Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00424,"ranking_epss":0.62245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31972","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31972"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31973","summary":"Windows GPSVC Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00483,"ranking_epss":0.65226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31973","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31973"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31974","summary":"Server for NFS Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14302,"ranking_epss":0.94422,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31974","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31974"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31975","summary":"Server for NFS Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.14121,"ranking_epss":0.94383,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31975","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31975"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31976","summary":"Server for NFS Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.17342,"ranking_epss":0.95067,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31976","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31976"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-33742","summary":"Windows MSHTML Platform Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.71001,"ranking_epss":0.98708,"kev":true,"propose_action":"Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33742","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33742","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-33742"],"published_time":"2021-06-08T23:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1675","summary":"Windows Print Spooler Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.94314,"ranking_epss":0.9995,"kev":true,"propose_action":"Microsoft Windows Print Spooler contains an unspecified vulnerability that allows for remote code execution.","ransomware_campaign":"Known","references":["http://packetstormsecurity.com/files/163349/Microsoft-PrintNightmare-Proof-Of-Concept.html","http://packetstormsecurity.com/files/163351/PrintNightmare-Windows-Spooler-Service-Remote-Code-Execution.html","http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675","https://www.kb.cert.org/vuls/id/383432","http://packetstormsecurity.com/files/163349/Microsoft-PrintNightmare-Proof-Of-Concept.html","http://packetstormsecurity.com/files/163351/PrintNightmare-Windows-Spooler-Service-Remote-Code-Execution.html","http://packetstormsecurity.com/files/167261/Print-Spooler-Remote-DLL-Injection.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675","https://www.kb.cert.org/vuls/id/383432","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-1675"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26414","summary":"Windows DCOM Server Security Feature Bypass","cvss":4.8,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.8,"cvss_v4":null,"epss":0.0717,"ranking_epss":0.91592,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/163206/Windows-Kerberos-AppContainer-Enterprise-Authentication-Capability-Bypass.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26414","http://packetstormsecurity.com/files/163206/Windows-Kerberos-AppContainer-Enterprise-Authentication-Capability-Bypass.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26414"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31199","summary":"Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability","cvss":5.2,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":5.2,"cvss_v4":null,"epss":0.00798,"ranking_epss":0.74057,"kev":true,"propose_action":"Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31199","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31199","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31199"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31201","summary":"Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability","cvss":5.2,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":5.2,"cvss_v4":null,"epss":0.01323,"ranking_epss":0.79921,"kev":true,"propose_action":"Microsoft Enhanced Cryptographic Provider contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31201","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31201","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31201"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31953","summary":"Windows Filter Manager Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00483,"ranking_epss":0.65226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31953","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31953"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31954","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01255,"ranking_epss":0.79394,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31954","https://www.zerodayinitiative.com/advisories/ZDI-21-668/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31954","https://www.zerodayinitiative.com/advisories/ZDI-21-668/"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31956","summary":"Windows NTFS Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.90724,"ranking_epss":0.99623,"kev":true,"propose_action":"Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31956","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-31956"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31958","summary":"Windows NTLM Elevation of Privilege Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02123,"ranking_epss":0.84173,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31958","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31958"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31959","summary":"Scripting Engine Memory Corruption Vulnerability","cvss":6.4,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.4,"cvss_v4":null,"epss":0.044,"ranking_epss":0.89019,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/163056/Internet-Explorer-jscript9.dll-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31959","http://packetstormsecurity.com/files/163056/Internet-Explorer-jscript9.dll-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31959"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31962","summary":"Kerberos AppContainer Security Feature Bypass Vulnerability","cvss":9.4,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.4,"cvss_v4":null,"epss":0.17791,"ranking_epss":0.95138,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/163206/Windows-Kerberos-AppContainer-Enterprise-Authentication-Capability-Bypass.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31962","http://packetstormsecurity.com/files/163206/Windows-Kerberos-AppContainer-Enterprise-Authentication-Capability-Bypass.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31962"],"published_time":"2021-06-08T23:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-24588","summary":"The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.","cvss":3.5,"cvss_version":3.0,"cvss_v2":2.9,"cvss_v3":3.5,"cvss_v4":null,"epss":0.00311,"ranking_epss":0.5438,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2021/05/11/12","https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf","https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md","https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu","https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63","https://www.fragattacks.com","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html","http://www.openwall.com/lists/oss-security/2021/05/11/12","https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf","https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md","https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html","https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html","https://lists.debian.org/debian-lts-announce/2023/04/msg00002.html","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu","https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63","https://www.fragattacks.com","https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html","https://cert-portal.siemens.com/productcert/html/ssa-019200.html","https://cert-portal.siemens.com/productcert/html/ssa-913875.html"],"published_time":"2021-05-11T20:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31188","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01143,"ranking_epss":0.78465,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31188","https://www.zerodayinitiative.com/advisories/ZDI-21-577/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31188","https://www.zerodayinitiative.com/advisories/ZDI-21-577/"],"published_time":"2021-05-11T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31193","summary":"Windows SSDP Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00282,"ranking_epss":0.51671,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31193","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31193"],"published_time":"2021-05-11T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31194","summary":"OLE Automation Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10448,"ranking_epss":0.9325,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31194","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31194"],"published_time":"2021-05-11T19:15:10","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28479","summary":"Windows CSC Service Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00248,"ranking_epss":0.48083,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28479","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28479"],"published_time":"2021-05-11T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31182","summary":"Microsoft Bluetooth Driver Spoofing Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":4.8,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00464,"ranking_epss":0.64352,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31182","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31182"],"published_time":"2021-05-11T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31184","summary":"Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.02392,"ranking_epss":0.85052,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31184","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31184"],"published_time":"2021-05-11T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-31186","summary":"Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability","cvss":7.4,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.4,"cvss_v4":null,"epss":0.06805,"ranking_epss":0.9135,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31186","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31186"],"published_time":"2021-05-11T19:15:09","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26419","summary":"Scripting Engine Memory Corruption Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.34148,"ranking_epss":0.96987,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/162570/Internet-Explorer-jscript9.dll-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26419","http://packetstormsecurity.com/files/162570/Internet-Explorer-jscript9.dll-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26419"],"published_time":"2021-05-11T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28455","summary":"Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.10557,"ranking_epss":0.93292,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28455"],"published_time":"2021-05-11T19:15:08","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28357","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28357","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28357"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28358","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28358","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28358"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28434","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28434","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28434"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28435","summary":"Windows Event Tracing Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00541,"ranking_epss":0.67702,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28435","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28435"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28437","summary":"Windows Installer Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00426,"ranking_epss":0.623,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28437"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28439","summary":"Windows TCP/IP Driver Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.20904,"ranking_epss":0.95637,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28439","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28439"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28440","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00467,"ranking_epss":0.64469,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28440","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28440"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28443","summary":"Windows Console Driver Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00256,"ranking_epss":0.49071,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28443","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28443"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28445","summary":"Windows Network File System Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.20109,"ranking_epss":0.955,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28445","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28445"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28446","summary":"Windows Portmapping Information Disclosure Vulnerability","cvss":7.1,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00982,"ranking_epss":0.76828,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28446","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28446"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28447","summary":"Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability","cvss":4.4,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00348,"ranking_epss":0.57393,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447","https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28447"],"published_time":"2021-04-13T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28339","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28339","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28339"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28340","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11182,"ranking_epss":0.93518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28340","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28340"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28341","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28341","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28341"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28342","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28342","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28342"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28343","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28343","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28343"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28344","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11182,"ranking_epss":0.93518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28344","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28344"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28345","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28345","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28345"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28346","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28346","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28346"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28348","summary":"Windows GDI+ Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00541,"ranking_epss":0.67715,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28348","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28348"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28349","summary":"Windows GDI+ Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57885,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28349","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28349"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28350","summary":"Windows GDI+ Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00351,"ranking_epss":0.5762,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28350","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28350"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28352","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28352","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28352"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28353","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28353","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28353"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28354","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28354","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28354"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28355","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28355","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28355"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28356","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11182,"ranking_epss":0.93518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28356","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28356"],"published_time":"2021-04-13T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28323","summary":"Windows DNS Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.16564,"ranking_epss":0.94926,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html","http://seclists.org/fulldisclosure/2021/Apr/40","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28323","http://packetstormsecurity.com/files/162251/Microsoft-DiagHub-Privilege-Escalation.html","http://seclists.org/fulldisclosure/2021/Apr/40","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28323"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28325","summary":"Windows SMB Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.21136,"ranking_epss":0.95671,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28325","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28325"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28327","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11182,"ranking_epss":0.93518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28327","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28327"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28328","summary":"Windows DNS Information Disclosure Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":6.5,"cvss_v4":null,"epss":0.16598,"ranking_epss":0.94934,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28328","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28328"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28329","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28329","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28329"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28330","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28330","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28330"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28331","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28331","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28331"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28332","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28332","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28332"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28333","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11182,"ranking_epss":0.93518,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28333","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28333"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28334","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28334","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28334"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28335","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28335","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28335"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28336","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28336","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28336"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28337","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28337","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28337"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28338","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.14173,"ranking_epss":0.94398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28338","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28338"],"published_time":"2021-04-13T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27094","summary":"Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability","cvss":4.4,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00407,"ranking_epss":0.61194,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27094","https://bi-zone.medium.com/measured-boot-and-malware-signatures-exploring-two-vulnerabilities-found-in-the-windows-loader-5a4fcc3c4b66","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27094"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27095","summary":"Windows Media Video Decoder Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.06508,"ranking_epss":0.91131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27095","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27095"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27096","summary":"NTFS Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27096","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27096"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28309","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00426,"ranking_epss":0.623,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28309","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28309"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28315","summary":"Windows Media Video Decoder Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01109,"ranking_epss":0.78164,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28315","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28315"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28316","summary":"Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability","cvss":4.2,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.2,"cvss_v4":null,"epss":0.0026,"ranking_epss":0.49391,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28316","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28316"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28317","summary":"Microsoft Windows Codecs Library Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00603,"ranking_epss":0.69591,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28317","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28317"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-28318","summary":"Windows GDI+ Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00538,"ranking_epss":0.67606,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28318","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-28318"],"published_time":"2021-04-13T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26413","summary":"Windows Installer Spoofing Vulnerability","cvss":6.2,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":6.2,"cvss_v4":null,"epss":0.00619,"ranking_epss":0.70066,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26413","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26413"],"published_time":"2021-04-13T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26415","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11468,"ranking_epss":0.9363,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26415","https://www.zerodayinitiative.com/advisories/ZDI-21-409/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26415","https://www.zerodayinitiative.com/advisories/ZDI-21-409/"],"published_time":"2021-04-13T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27072","summary":"Win32k Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00354,"ranking_epss":0.57814,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27072","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27072"],"published_time":"2021-04-13T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27089","summary":"Microsoft Internet Messaging API Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.03937,"ranking_epss":0.88349,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27089","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27089"],"published_time":"2021-04-13T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27093","summary":"Windows Kernel Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00596,"ranking_epss":0.69401,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27093","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27093"],"published_time":"2021-04-13T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-27077","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02947,"ranking_epss":0.8647,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077","https://www.zerodayinitiative.com/advisories/ZDI-21-287/","https://www.zerodayinitiative.com/advisories/ZDI-21-403/","https://www.zerodayinitiative.com/advisories/ZDI-21-482/","https://www.zerodayinitiative.com/advisories/ZDI-21-494/","https://www.zerodayinitiative.com/advisories/ZDI-21-495/","https://www.zerodayinitiative.com/advisories/ZDI-21-496/","https://www.zerodayinitiative.com/advisories/ZDI-21-497/","https://www.zerodayinitiative.com/advisories/ZDI-21-498/","https://www.zerodayinitiative.com/advisories/ZDI-21-499/","https://www.zerodayinitiative.com/advisories/ZDI-21-500/","https://www.zerodayinitiative.com/advisories/ZDI-21-501/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077","https://www.zerodayinitiative.com/advisories/ZDI-21-287/","https://www.zerodayinitiative.com/advisories/ZDI-21-403/","https://www.zerodayinitiative.com/advisories/ZDI-21-482/","https://www.zerodayinitiative.com/advisories/ZDI-21-494/","https://www.zerodayinitiative.com/advisories/ZDI-21-495/","https://www.zerodayinitiative.com/advisories/ZDI-21-496/","https://www.zerodayinitiative.com/advisories/ZDI-21-497/","https://www.zerodayinitiative.com/advisories/ZDI-21-498/","https://www.zerodayinitiative.com/advisories/ZDI-21-499/","https://www.zerodayinitiative.com/advisories/ZDI-21-500/","https://www.zerodayinitiative.com/advisories/ZDI-21-501/"],"published_time":"2021-03-11T16:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26898","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0051,"ranking_epss":0.66447,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26898","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26898"],"published_time":"2021-03-11T16:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26899","summary":"Windows UPnP Device Host Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00441,"ranking_epss":0.63255,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26899","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26899"],"published_time":"2021-03-11T16:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26901","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0051,"ranking_epss":0.66447,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26901","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26901"],"published_time":"2021-03-11T16:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26875","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57885,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26875","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26875"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26878","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57885,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26878","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26878"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26881","summary":"Microsoft Windows Media Foundation Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":7.5,"cvss_v4":null,"epss":0.08498,"ranking_epss":0.92381,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26881","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26881"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26882","summary":"Remote Access API Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04221,"ranking_epss":0.88776,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26882","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26882"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26884","summary":"Windows Media Photo Codec Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00446,"ranking_epss":0.63519,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26884","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26884"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26886","summary":"User Profile Service Denial of Service Vulnerability","cvss":6.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00206,"ranking_epss":0.43047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26886","https://www.zerodayinitiative.com/advisories/ZDI-21-327/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26886","https://www.zerodayinitiative.com/advisories/ZDI-21-327/"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26887","summary":"<p>An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another user's personal data to a created folder.</p>\n<p>To exploit the vulnerability, an attacker can create a new folder under the Folder Redirection root path and create a junction on a newly created User folder. When the new user logs in, Folder Redirection would start redirecting to the folder and copying personal data.</p>\n<p>This elevation of privilege vulnerability can only be addressed by reconfiguring Folder Redirection with Offline files and restricting permissions, and NOT via a security update for affected Windows Servers. See the <strong>FAQ</strong> section of this CVE for configuration guidance.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00459,"ranking_epss":0.64137,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26887","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26887"],"published_time":"2021-03-11T16:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26861","summary":"Windows Graphics Component Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12481,"ranking_epss":0.93943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26861","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26861"],"published_time":"2021-03-11T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26862","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00456,"ranking_epss":0.63928,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26862","https://www.zerodayinitiative.com/advisories/ZDI-21-285/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26862","https://www.zerodayinitiative.com/advisories/ZDI-21-285/"],"published_time":"2021-03-11T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26868","summary":"Windows Graphics Component Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.04946,"ranking_epss":0.89663,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26868","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26868"],"published_time":"2021-03-11T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26869","summary":"Windows ActiveX Installer Service Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00426,"ranking_epss":0.623,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26869","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26869"],"published_time":"2021-03-11T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26872","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00483,"ranking_epss":0.65226,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26872","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26872"],"published_time":"2021-03-11T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26873","summary":"Windows User Profile Service Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00267,"ranking_epss":0.50248,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26873","https://www.zerodayinitiative.com/advisories/ZDI-21-283/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26873","https://www.zerodayinitiative.com/advisories/ZDI-21-283/"],"published_time":"2021-03-11T16:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1640","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00752,"ranking_epss":0.73227,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1640","https://www.zerodayinitiative.com/advisories/ZDI-21-493/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1640","https://www.zerodayinitiative.com/advisories/ZDI-21-493/"],"published_time":"2021-03-11T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24107","summary":"Windows Event Tracing Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0038,"ranking_epss":0.59509,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24107","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24107"],"published_time":"2021-03-11T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-26411","summary":"Internet Explorer Memory Corruption Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":8.8,"cvss_v4":null,"epss":0.92473,"ranking_epss":0.99734,"kev":true,"propose_action":"Microsoft Internet Explorer contains an unspecified vulnerability that allows for memory corruption.","ransomware_campaign":"Known","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26411","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26411","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-26411"],"published_time":"2021-03-11T16:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24102","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57876,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24102","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24102"],"published_time":"2021-02-25T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24103","summary":"Windows Event Tracing Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00399,"ranking_epss":0.60678,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24103","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24103"],"published_time":"2021-02-25T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24111","summary":".NET Framework Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.24574,"ranking_epss":0.96139,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24111","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24111"],"published_time":"2021-02-25T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-25195","summary":"Windows PKU2U Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00193,"ranking_epss":0.41278,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-25195","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-25195"],"published_time":"2021-02-25T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24083","summary":"Windows Address Book Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.15675,"ranking_epss":0.94719,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24083","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24083"],"published_time":"2021-02-25T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24086","summary":"Windows TCP/IP Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.47183,"ranking_epss":0.97693,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/163499/Windows-TCP-IP-Denial-Of-Service.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24086","http://packetstormsecurity.com/files/163499/Windows-TCP-IP-Denial-Of-Service.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24086"],"published_time":"2021-02-25T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24088","summary":"Windows Local Spooler Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.0475,"ranking_epss":0.89449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24088","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24088"],"published_time":"2021-02-25T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24092","summary":"Microsoft Defender Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00414,"ranking_epss":0.61592,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24092","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24092"],"published_time":"2021-02-25T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24094","summary":"Windows TCP/IP Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.18621,"ranking_epss":0.95277,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24094"],"published_time":"2021-02-25T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1734","summary":"Windows Remote Procedure Call Information Disclosure Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.20315,"ranking_epss":0.95536,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1734","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1734"],"published_time":"2021-02-25T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24074","summary":"Windows TCP/IP Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.19037,"ranking_epss":0.95343,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24074"],"published_time":"2021-02-25T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24077","summary":"Windows Fax Service Remote Code Execution Vulnerability","cvss":9.8,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":9.8,"cvss_v4":null,"epss":0.04753,"ranking_epss":0.89453,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24077","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24077"],"published_time":"2021-02-25T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-24079","summary":"Windows Backup Engine Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00316,"ranking_epss":0.54679,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24079","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24079"],"published_time":"2021-02-25T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1722","summary":"Windows Fax Service Remote Code Execution Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":8.1,"cvss_v4":null,"epss":0.08465,"ranking_epss":0.92369,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1722","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1722"],"published_time":"2021-02-25T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1726","summary":"Microsoft SharePoint Server Spoofing Vulnerability","cvss":8.0,"cvss_version":3.0,"cvss_v2":6.0,"cvss_v3":8.0,"cvss_v4":null,"epss":0.06521,"ranking_epss":0.91141,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1726"],"published_time":"2021-02-25T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1727","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00093,"ranking_epss":0.2599,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1727"],"published_time":"2021-02-25T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17162","summary":"Microsoft Windows Security Feature Bypass Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11415,"ranking_epss":0.93599,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17162","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17162"],"published_time":"2021-02-25T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1706","summary":"Windows LUAFV Elevation of Privilege Vulnerability","cvss":7.3,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":7.3,"cvss_v4":null,"epss":0.02342,"ranking_epss":0.8489,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1706","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1706"],"published_time":"2021-01-12T20:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1708","summary":"Windows GDI+ Information Disclosure Vulnerability","cvss":5.7,"cvss_version":3.0,"cvss_v2":3.5,"cvss_v3":5.7,"cvss_v4":null,"epss":0.17264,"ranking_epss":0.95049,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1708","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1708"],"published_time":"2021-01-12T20:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1709","summary":"Windows Win32k Elevation of Privilege Vulnerability","cvss":7.0,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00175,"ranking_epss":0.39061,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1709","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1709"],"published_time":"2021-01-12T20:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1710","summary":"Microsoft Windows Media Foundation Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.02955,"ranking_epss":0.8649,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1710","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1710"],"published_time":"2021-01-12T20:15:34","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1688","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00206,"ranking_epss":0.43047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1688","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1688"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1693","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00271,"ranking_epss":0.50634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1693","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1693"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1694","summary":"Windows Update Stack Elevation of Privilege Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.5,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02967,"ranking_epss":0.86517,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1694","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1694"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1695","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0035,"ranking_epss":0.57511,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1695","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1695"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1696","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.18266,"ranking_epss":0.9522,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1696","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1696"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1699","summary":"Windows (modem.sys) Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00798,"ranking_epss":0.74067,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1699","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1699"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1700","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11095,"ranking_epss":0.93482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1700","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1700"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1701","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11095,"ranking_epss":0.93482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1701","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1701"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1702","summary":"Windows Remote Procedure Call Runtime Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0025,"ranking_epss":0.48282,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1702","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1702"],"published_time":"2021-01-12T20:15:33","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1671","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05825,"ranking_epss":0.90549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1671","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1671"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1673","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05825,"ranking_epss":0.90549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1673","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1673"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1674","summary":"Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.04423,"ranking_epss":0.89047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1674","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1674"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1676","summary":"Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00695,"ranking_epss":0.71937,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1676","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1676"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1678","summary":"Windows Print Spooler Spoofing Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.75972,"ranking_epss":0.9892,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1678","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1678"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1679","summary":"Windows CryptoAPI  Denial of Service Vulnerability","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.08792,"ranking_epss":0.92533,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1679","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1679"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1683","summary":"Microsoft is aware of the &quot;Impersonation in the Passkey Entry Protocol&quot; vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.\nTo address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key","cvss":5.0,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.0,"cvss_v4":null,"epss":0.03656,"ranking_epss":0.87892,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1683","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1683"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1684","summary":"Microsoft is aware of the &quot;Impersonation in the Passkey Entry Protocol&quot; vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.\nTo address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key","cvss":5.0,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.0,"cvss_v4":null,"epss":0.03656,"ranking_epss":0.87892,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1684","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1684"],"published_time":"2021-01-12T20:15:32","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1652","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00271,"ranking_epss":0.50634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1652","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1652"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1653","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00271,"ranking_epss":0.50634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1653","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1653"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1654","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00271,"ranking_epss":0.50634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1654","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1654"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1655","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00271,"ranking_epss":0.50634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1655","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1655"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1656","summary":"TPM Device Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01694,"ranking_epss":0.82298,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1656","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1656"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1657","summary":"Windows Fax Compose Form Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0035,"ranking_epss":0.57511,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1657","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1657"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1658","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05825,"ranking_epss":0.90549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1658","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1658"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1659","summary":"Windows CSC Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00206,"ranking_epss":0.43047,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1659","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1659"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1660","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05825,"ranking_epss":0.90549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1660","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1660"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1661","summary":"Windows Installer Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00267,"ranking_epss":0.50244,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1661","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1661"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1664","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05825,"ranking_epss":0.90549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1664","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1664"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1665","summary":"GDI+ Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.18991,"ranking_epss":0.95332,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1665","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1665"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1666","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.05825,"ranking_epss":0.90549,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1666","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1666"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1667","summary":"Remote Procedure Call Runtime Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.11095,"ranking_epss":0.93482,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1667","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1667"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1668","summary":"Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.07084,"ranking_epss":0.91538,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1668","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1668"],"published_time":"2021-01-12T20:15:31","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1637","summary":"Windows DNS Query Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00281,"ranking_epss":0.51505,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1637","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1637"],"published_time":"2021-01-12T20:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1647","summary":"Microsoft Defender Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.77387,"ranking_epss":0.98985,"kev":true,"propose_action":"Microsoft Defender contains an unspecified vulnerability that allows for remote code execution.","ransomware_campaign":"Unknown","references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1647","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1647","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-1647"],"published_time":"2021-01-12T20:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1649","summary":"Active Template Library Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00271,"ranking_epss":0.50634,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1649","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1649"],"published_time":"2021-01-12T20:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2021-1650","summary":"Windows Runtime C++ Template Library Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00205,"ranking_epss":0.42736,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1650","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1650"],"published_time":"2021-01-12T20:15:30","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17140","summary":"Windows SMB Information Disclosure Vulnerability","cvss":8.1,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":8.1,"cvss_v4":null,"epss":0.12216,"ranking_epss":0.9387,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17140","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17140"],"published_time":"2020-12-10T00:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17096","summary":"Windows NTFS Remote Code Execution Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.06368,"ranking_epss":0.91028,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17096","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17096"],"published_time":"2020-12-10T00:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17097","summary":"Windows Digital Media Receiver Elevation of Privilege Vulnerability","cvss":3.3,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":3.3,"cvss_v4":null,"epss":0.00445,"ranking_epss":0.63477,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17097","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17097"],"published_time":"2020-12-10T00:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17098","summary":"Windows GDI+ Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00483,"ranking_epss":0.65224,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17098","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17098"],"published_time":"2020-12-10T00:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17092","summary":"Windows Network Connections Service Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0043,"ranking_epss":0.6258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17092","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17092"],"published_time":"2020-12-10T00:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1599","summary":"Windows Spoofing Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.02669,"ranking_epss":0.85833,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1599","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1599"],"published_time":"2020-11-11T07:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17088","summary":"Windows Common Log File System Driver Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17088","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17088"],"published_time":"2020-11-11T07:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17087","summary":"Windows Kernel Local Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.22788,"ranking_epss":0.95894,"kev":true,"propose_action":"Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17087","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17087","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-17087"],"published_time":"2020-11-11T07:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17068","summary":"Windows GDI+ Remote Code Execution Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17068","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17068"],"published_time":"2020-11-11T07:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17069","summary":"Windows NDIS Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00426,"ranking_epss":0.623,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17069","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17069"],"published_time":"2020-11-11T07:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17042","summary":"Windows Print Spooler Remote Code Execution Vulnerability","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.20418,"ranking_epss":0.95557,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17042","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17042"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17043","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.09353,"ranking_epss":0.92782,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17043","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17043"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17044","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.09353,"ranking_epss":0.92782,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17044","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17044"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17045","summary":"Windows KernelStream Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00603,"ranking_epss":0.69591,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17045","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17045"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17047","summary":"Windows Network File System Denial of Service Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.2052,"ranking_epss":0.95573,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17047","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17047"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17052","summary":"Scripting Engine Memory Corruption Vulnerability","cvss":7.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.06841,"ranking_epss":0.91374,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17052","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17052"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17055","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.08162,"ranking_epss":0.92196,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17055","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17055"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17056","summary":"Windows Network File System Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0035,"ranking_epss":0.57531,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17056","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17056"],"published_time":"2020-11-11T07:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17026","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00249,"ranking_epss":0.48179,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17026","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17026"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17027","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0033,"ranking_epss":0.55995,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17027","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17027"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17028","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00249,"ranking_epss":0.48179,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17028","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17028"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17029","summary":"Windows Canonical Display Driver Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00426,"ranking_epss":0.623,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17029","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17029"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17031","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0033,"ranking_epss":0.55995,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17031","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17031"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17032","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00249,"ranking_epss":0.48179,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17032","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17032"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17033","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00249,"ranking_epss":0.48179,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17033","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17033"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17034","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0033,"ranking_epss":0.55995,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17034","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17034"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17036","summary":"Windows Function Discovery SSDP Provider Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00301,"ranking_epss":0.53451,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17036","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17036"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17038","summary":"Win32k Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17038","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17038"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17041","summary":"Windows Print Configuration Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00274,"ranking_epss":0.5084,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17041","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17041"],"published_time":"2020-11-11T07:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17011","summary":"Windows Port Class Library Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00372,"ranking_epss":0.58993,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17011","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17011"],"published_time":"2020-11-11T07:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17014","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00363,"ranking_epss":0.58404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17014","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17014"],"published_time":"2020-11-11T07:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17024","summary":"Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00274,"ranking_epss":0.5084,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17024","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17024"],"published_time":"2020-11-11T07:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17025","summary":"Windows Remote Access Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00249,"ranking_epss":0.48179,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17025","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17025"],"published_time":"2020-11-11T07:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16997","summary":"Remote Desktop Protocol Server Information Disclosure Vulnerability","cvss":7.7,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":7.7,"cvss_v4":null,"epss":0.02156,"ranking_epss":0.84291,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16997","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16997"],"published_time":"2020-11-11T07:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17000","summary":"Remote Desktop Protocol Client Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00424,"ranking_epss":0.62245,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17000","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17000"],"published_time":"2020-11-11T07:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17001","summary":"Windows Print Spooler Elevation of Privilege Vulnerability","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00243,"ranking_epss":0.47573,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17001","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17001"],"published_time":"2020-11-11T07:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-17004","summary":"Windows Graphics Component Information Disclosure Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0035,"ranking_epss":0.57531,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17004","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17004"],"published_time":"2020-11-11T07:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16949","summary":"<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p>\n<p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p>\n<p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p>","cvss":4.7,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":4.7,"cvss_v4":null,"epss":0.06391,"ranking_epss":0.91046,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949"],"published_time":"2020-10-16T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16927","summary":"<p>A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.</p>\n<p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.</p>\n<p>The update addresses the vulnerability by correcting how RDP handles connection requests.</p>","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.8,"cvss_v3":7.5,"cvss_v4":null,"epss":0.18609,"ranking_epss":0.95275,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16927","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16927"],"published_time":"2020-10-16T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16933","summary":"<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p>\n<p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p>\n<p>The security update addresses the vulnerability by correcting how Microsoft Word handles these files.</p>","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.0,"cvss_v4":null,"epss":0.04404,"ranking_epss":0.89023,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16933","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16933"],"published_time":"2020-10-16T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16935","summary":"<p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p>\n<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows COM Server creates COM objects.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00573,"ranking_epss":0.68756,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16935","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16935"],"published_time":"2020-10-16T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16937","summary":"<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p>\n<p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p>\n<p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p>","cvss":4.7,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.7,"cvss_v4":null,"epss":0.0869,"ranking_epss":0.92491,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16937","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16937"],"published_time":"2020-10-16T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16939","summary":"<p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p>\n<p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p>\n<p>The security update addresses the vulnerability by correcting how Group Policy checks access.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.19942,"ranking_epss":0.95475,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16939","https://www.zerodayinitiative.com/advisories/ZDI-20-1254/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16939","https://www.zerodayinitiative.com/advisories/ZDI-20-1254/"],"published_time":"2020-10-16T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16940","summary":"<p>An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.</p>\n<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.</p>\n<p>The security update addresses the vulnerability by correcting how the Windows User Profile Service handles junction points.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00318,"ranking_epss":0.54861,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940","https://www.zerodayinitiative.com/advisories/ZDI-20-1248/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940","https://www.zerodayinitiative.com/advisories/ZDI-20-1248/"],"published_time":"2020-10-16T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16911","summary":"<p>A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability:</p>\n<ul>\n<li>In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message.</li>\n<li>In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file.</li>\n</ul>\n<p>The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory.</p>","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.1773,"ranking_epss":0.95131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16911","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16911"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16914","summary":"<p>An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by correcting how GDI+ handles memory addresses.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00628,"ranking_epss":0.70291,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16914","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16914"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16916","summary":"<p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p>\n<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows COM Server creates COM objects.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00544,"ranking_epss":0.6781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16916","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16916"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16920","summary":"<p>An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p>\n<p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Application Compatibility Client Library properly handles registry operations.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12779,"ranking_epss":0.94033,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16920","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16920"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16922","summary":"<p>A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.</p>\n<p>In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded.</p>\n<p>The update addresses the vulnerability by correcting how Windows validates file signatures.</p>","cvss":5.3,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.3,"cvss_v4":null,"epss":0.00543,"ranking_epss":0.67768,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16922","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16922"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16923","summary":"<p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p>\n<p>To exploit the vulnerability, a user would have to open a specially crafted file.</p>\n<p>The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12332,"ranking_epss":0.939,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16923","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16923"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16924","summary":"<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.</p>\n<p>An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.</p>\n<p>The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.14496,"ranking_epss":0.94467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16924","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16924"],"published_time":"2020-10-16T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16892","summary":"<p>An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.\nAn attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00511,"ranking_epss":0.66497,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16892","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16892"],"published_time":"2020-10-16T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16896","summary":"<p>An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would need to run a specially crafted application against a server which provides Remote Desktop Protocol (RDP) services.</p>\n<p>The update addresses the vulnerability by correcting how RDP handles connection requests.</p>","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.10558,"ranking_epss":0.93293,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16896","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16896"],"published_time":"2020-10-16T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16897","summary":"<p>An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p>\n<p>The update addresses the vulnerability by correcting how a NetBT handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00603,"ranking_epss":0.69591,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16897","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16897"],"published_time":"2020-10-16T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16900","summary":"<p>An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.</p>\n<p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p>\n<p>The security update addresses the vulnerability by correcting how the Windows Event System handles objects in memory.</p>","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00246,"ranking_epss":0.47907,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16900","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16900"],"published_time":"2020-10-16T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16902","summary":"<p>An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.</p>\n<p>A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>The security update addresses the vulnerability by correcting the input sanitization error to preclude unintended elevation.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00476,"ranking_epss":0.64905,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16902","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16902"],"published_time":"2020-10-16T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16887","summary":"<p>An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Network Connections Service properly handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00551,"ranking_epss":0.68045,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16887","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16887"],"published_time":"2020-10-16T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16889","summary":"<p>An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows KernelStream handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00767,"ranking_epss":0.7352,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16889","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16889"],"published_time":"2020-10-16T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1598","summary":"<p>An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.</p>\n<p>The update addresses the vulnerability by correcting how the Windows UPnP service handles objects in memory.</p>","cvss":6.1,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":6.1,"cvss_v4":null,"epss":0.01054,"ranking_epss":0.77618,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1598","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1598"],"published_time":"2020-09-11T17:15:22","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1491","summary":"<p>An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Function Discovery Service properly handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00399,"ranking_epss":0.60687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1491","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1491"],"published_time":"2020-09-11T17:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1508","summary":"<p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.</p>\n<p>The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles objects.</p>","cvss":7.6,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.6,"cvss_v4":null,"epss":0.01635,"ranking_epss":0.8195,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1508","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1508"],"published_time":"2020-09-11T17:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1559","summary":"<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p>\n<p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00399,"ranking_epss":0.60687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1559","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1559"],"published_time":"2020-09-11T17:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1589","summary":"<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>","cvss":4.4,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.4,"cvss_v4":null,"epss":0.00384,"ranking_epss":0.59737,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1589","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1589"],"published_time":"2020-09-11T17:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1593","summary":"<p>A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.</p>\n<p>The security update addresses the vulnerability by correcting how Windows Media Audio Decoder handles objects.</p>","cvss":7.6,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.6,"cvss_v4":null,"epss":0.01278,"ranking_epss":0.79593,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1593","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1593"],"published_time":"2020-09-11T17:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1596","summary":"<p>A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel.</p>\n<p>To exploit the vulnerability, an attacker would have to conduct a man-in-the-middle attack.</p>\n<p>The update addresses the vulnerability by correcting how TLS components use hash algorithms.</p>","cvss":5.4,"cvss_version":3.0,"cvss_v2":2.9,"cvss_v3":5.4,"cvss_v4":null,"epss":0.00175,"ranking_epss":0.39068,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1596","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1596"],"published_time":"2020-09-11T17:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1252","summary":"<p>A remote code execution vulnerability exists when Windows improperly handles objects in memory. To exploit the vulnerability an attacker would have to convince a user to run a specially crafted application.</p>\n<p>An attacker who successfully exploited this vulnerability could execute arbitrary code and take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>The updates address the vulnerability by correcting how Windows handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12082,"ranking_epss":0.93818,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1252","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1252"],"published_time":"2020-09-11T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1256","summary":"<p>An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.</p>\n<p>The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.23013,"ranking_epss":0.95925,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1256","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1256"],"published_time":"2020-09-11T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1285","summary":"<p>A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability:</p>\n<ul>\n<li>In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability and then convince users to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to open an email attachment or click a link in an email or instant message.</li>\n<li>In a file-sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit the vulnerability, and then convince users to open the document file.</li>\n</ul>\n<p>The security update addresses the vulnerability by correcting the way that the Windows GDI handles objects in the memory.</p>","cvss":8.4,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.4,"cvss_v4":null,"epss":0.14108,"ranking_epss":0.94379,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1285","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1285"],"published_time":"2020-09-11T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1376","summary":"<p>An elevation of privilege vulnerability exists in the way that fdSSDP.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00399,"ranking_epss":0.60687,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1376","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1376"],"published_time":"2020-09-11T17:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1152","summary":"<p>An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.</p>\n<p>To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.</p>\n<p>The update addresses the vulnerability by correcting how Windows handles calls to Win32k.</p>","cvss":5.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":5.8,"cvss_v4":null,"epss":0.00186,"ranking_epss":0.40433,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1152","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1152"],"published_time":"2020-09-11T17:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1245","summary":"<p>An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p>\n<p>The update addresses this vulnerability by correcting how Win32k handles objects in memory.</p>","cvss":7.0,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00332,"ranking_epss":0.5614,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1245","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1245"],"published_time":"2020-09-11T17:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1250","summary":"<p>An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by correcting how win32k handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00982,"ranking_epss":0.76828,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1250","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1250"],"published_time":"2020-09-11T17:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1033","summary":"<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>An authenticated attacker could exploit this vulnerability by running a specially crafted application.</p>\n<p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>","cvss":4.0,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":4.0,"cvss_v4":null,"epss":0.00775,"ranking_epss":0.7366,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1033","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1033"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1034","summary":"<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.</p>","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.17023,"ranking_epss":0.94995,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1034","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1034"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1038","summary":"<p>A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.</p>\n<p>The update addresses the vulnerability by correcting how Windows handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00463,"ranking_epss":0.64333,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1038","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1038"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1039","summary":"<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.</p>\n<p>An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.</p>\n<p>The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11071,"ranking_epss":0.93474,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1039","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1039"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1052","summary":"<p>An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1052","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1052"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1074","summary":"<p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.</p>\n<p>An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.</p>\n<p>The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.3131,"ranking_epss":0.96779,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1074","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1074"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1083","summary":"<p>An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.</p>\n<p>The update addresses the vulnerability by correcting the way in which the Windows Graphics Component handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00694,"ranking_epss":0.71924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1083","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1083"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1091","summary":"<p>An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.</p>\n<p>The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.</p>","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.27188,"ranking_epss":0.964,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1091","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1091"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1097","summary":"<p>An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.</p>\n<p>The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.</p>","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.22317,"ranking_epss":0.95831,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1097","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1097"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1115","summary":"<p>An elevation of privilege vulnerability exists when the <a href=\"https://technet.microsoft.com/library/security/dn848375.aspx#CLFS\">Windows Common Log File System (CLFS)</a> driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p>\n<p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p>\n<p>The security update addresses the vulnerability by correcting how CLFS handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1115","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1115"],"published_time":"2020-09-11T17:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1012","summary":"<p>An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p>\n<p>There are multiple ways an attacker could exploit the vulnerability:</p>\n<ul>\n<li><p>In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit this vulnerability and then convince a user to view the website. An attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically by getting them to click a link in an email message or in an Instant Messenger message that takes users to the attacker's website, or by opening an attachment sent through email.</p>\n</li>\n<li><p>In a file sharing attack scenario, an attacker could provide a specially crafted document file that is designed to exploit this vulnerability, and then convince a user to open the document file.</p>\n</li>\n</ul>\n<p>The security update addresses the vulnerability by ensuring the Wininit.dll properly handles objects in memory.</p>","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.15324,"ranking_epss":0.94647,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1012","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1012"],"published_time":"2020-09-11T17:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1013","summary":"<p>An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.</p>\n<p>To exploit this vulnerability, an attacker would need to launch a man-in-the-middle (MiTM) attack against the traffic passing between a domain controller and the target machine. An attacker could then create a group policy to grant administrator rights to a standard user.</p>\n<p>The security update addresses the vulnerability by enforcing Kerberos authentication for certain calls over LDAP.</p>","cvss":7.5,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.5,"cvss_v4":null,"epss":0.32166,"ranking_epss":0.96838,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1013","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1013"],"published_time":"2020-09-11T17:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1030","summary":"<p>An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.</p>\n<p>The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.01539,"ranking_epss":0.81398,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1030","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1030"],"published_time":"2020-09-11T17:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1031","summary":"<p>An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.</p>\n<p>To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server.  An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>The security update addresses the vulnerability by correcting how DHCP servers initializes memory.</p>","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.1642,"ranking_epss":0.94893,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1031","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1031"],"published_time":"2020-09-11T17:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-16854","summary":"<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p>\n<p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00432,"ranking_epss":0.62678,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16854","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16854"],"published_time":"2020-09-11T17:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0998","summary":"<p>An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p>\n<p>In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system.</p>\n<p>The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00363,"ranking_epss":0.58404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0998","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0998"],"published_time":"2020-09-11T17:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0838","summary":"<p>An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p>\n<p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p>\n<p>The security update addresses the vulnerability by correcting how NTFS checks access.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00363,"ranking_epss":0.58404,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0838","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0838"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0875","summary":"<p>An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity).</p>\n<p>This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.</p>\n<p>The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.26259,"ranking_epss":0.96317,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0875","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0875"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0878","summary":"<p>A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>\n<p>An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment.</p>\n<p>The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory.</p>","cvss":4.2,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":4.2,"cvss_v4":null,"epss":0.05268,"ranking_epss":0.90011,"kev":true,"propose_action":"Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user.","ransomware_campaign":"Known","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0878","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0878","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0878"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0886","summary":"<p>An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p>\n<p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p>\n<p>The security update addresses the vulnerability by ensuring the Windows Storage Services properly handle file operations.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00152,"ranking_epss":0.35845,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0886","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0886"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0911","summary":"<p>An elevation of privilege vulnerability exists when Windows Modules Installer improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.</p>\n<p>An attacker could exploit this vulnerability by running a specially crafted application on the victim system.</p>\n<p>The update addresses the vulnerability by correcting the way the Windows Modules Installer handles objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00429,"ranking_epss":0.6255,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0911","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0911"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0912","summary":"<p>An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.</p>\n<p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p>\n<p>The security update addresses the vulnerability by correcting how the Windows Function Discovery SSDP Provider handles memory.</p>","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00162,"ranking_epss":0.37126,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0912","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0912"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0921","summary":"Microsoft Graphics Component Denial of Service Vulnerability","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00694,"ranking_epss":0.71924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0921","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0921"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0922","summary":"<p>A remote code execution vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.</p>\n<p>To exploit the vulnerability, a user would have to open a specially crafted file or lure the target to a website hosting malicious JavaScript.</p>\n<p>The security update addresses the vulnerability by correcting how Microsoft COM for Windows handles objects in memory.</p>","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.1773,"ranking_epss":0.95131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0922","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0922"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0941","summary":"<p>An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.</p>\n<p>To exploit the vulnerability, an attacker would have to either log on locally to an affected system, or convince a locally authenticated user to execute a specially crafted application.</p>\n<p>The security update addresses the vulnerability by correcting how win32k handles objects in memory.</p>","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00775,"ranking_epss":0.7366,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0941","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0941"],"published_time":"2020-09-11T17:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0648","summary":"<p>An elevation of privilege vulnerability exists when the Windows RSoP Service Application improperly handles memory.</p>\n<p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p>\n<p>The security update addresses the vulnerability by correcting how the Windows RSoP Service Application handles memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00408,"ranking_epss":0.61258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0648","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0648"],"published_time":"2020-09-11T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0782","summary":"<p>An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.</p>\n<p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p>\n<p>The security update addresses the vulnerability by addressing how the Windows Cryptographic Catalog Services handle objects in memory.</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00367,"ranking_epss":0.58677,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0782","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0782"],"published_time":"2020-09-11T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0790","summary":"<p>A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.</p>\n<p>This vulnerability by itself does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability (such as a remote code execution vulnerability or another elevation of privilege vulnerability) that is capable of leveraging the elevated privileges when code execution is attempted.</p>\n<p>The security update addresses the vulnerability by ensuring splwow64.exe properly handles these calls..</p>","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0790","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0790"],"published_time":"2020-09-11T17:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1577","summary":"An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.\nThe security update addresses the vulnerability by correcting how DirectWrite handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.22151,"ranking_epss":0.95811,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1577","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1577"],"published_time":"2020-08-17T19:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1579","summary":"An elevation of privilege vulnerability exists when the Windows Function Discovery SSDP Provider improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Function Discovery SSDP Provider handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00401,"ranking_epss":0.60803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1579","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1579"],"published_time":"2020-08-17T19:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1584","summary":"An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\nTo exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.\nThe security update addresses the vulnerability by ensuring the dnsrslvr.dll properly handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00544,"ranking_epss":0.6781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1584","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1584"],"published_time":"2020-08-17T19:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1587","summary":"An elevation of privilege vulnerability exists when the Windows Ancillary Function Driver for WinSock improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Ancillary Function Driver for WinSock handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00401,"ranking_epss":0.60803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1587","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1587"],"published_time":"2020-08-17T19:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1557","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.\nAn attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.\nThe update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.","cvss":7.3,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.3,"cvss_v4":null,"epss":0.13882,"ranking_epss":0.94324,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1557","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1557"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1558","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.\nAn attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.\nThe update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.14496,"ranking_epss":0.94467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1558","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1558"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1562","summary":"A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.\nTo exploit the vulnerability, a user would have to open a specially crafted file.\nThe security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.14496,"ranking_epss":0.94467,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1562","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1562"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1564","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.\nAn attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.\nThe update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11304,"ranking_epss":0.93554,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1564","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1564"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1565","summary":"An elevation of privilege vulnerability exists when the &quot;Public Account Pictures&quot; folder improperly handles junctions.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how Windows handles junctions.","cvss":7.5,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.03365,"ranking_epss":0.87374,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1565","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1565"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1567","summary":"A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.\nAn attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a HTML editing attack scenario, an attacker could trick a user into editing a specially crafted file that is designed to exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how MSHTML engine validates input.","cvss":4.2,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":4.2,"cvss_v4":null,"epss":0.02503,"ranking_epss":0.85369,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1570","summary":"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked &quot;safe for initialization&quot; in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.04546,"ranking_epss":0.892,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1570","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1570"],"published_time":"2020-08-17T19:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1542","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1542","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1542"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1543","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1543","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1543"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1544","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1544","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1544"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1545","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00408,"ranking_epss":0.61258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1545","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1545"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1546","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00408,"ranking_epss":0.61258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1546","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1546"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1547","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49572,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1547","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1547"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1551","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00541,"ranking_epss":0.67713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1551","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1551"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1552","summary":"An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.\nAn attacker could exploit this vulnerability by running a specially crafted application on the victim system.\nThe update addresses the vulnerability by correcting the way the Windows Work Folder Service handles file operations.","cvss":8.0,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.0,"cvss_v4":null,"epss":0.00792,"ranking_epss":0.73959,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1552","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1552"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1554","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.\nThe security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.15675,"ranking_epss":0.94719,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1554","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1554"],"published_time":"2020-08-17T19:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1526","summary":"An elevation of privilege vulnerability exists when the Windows Network Connection Broker improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Network Connection Broker handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1526","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1526"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1529","summary":"An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\nThe update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1529","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1529"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1530","summary":"An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how Windows Remote Access handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00492,"ranking_epss":0.65676,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1530","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1530"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1531","summary":"An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Accounts Control handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11937,"ranking_epss":0.93781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1531","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1531"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1534","summary":"An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.15021,"ranking_epss":0.94586,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1534","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1534"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1535","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1535","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1535"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1536","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1536","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1536"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1537","summary":"An elevation of privilege vulnerability exists when the Windows Remote Access improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.\nTo exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.\nThe security update addresses the vulnerability by ensuring the Windows Remote Access properly handles file operations.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1537","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1537"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1538","summary":"An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows UPnP Device Host handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1539","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1539","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1539"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1540","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1540","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1540"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1541","summary":"An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Backup Engine handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1541","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1541"],"published_time":"2020-08-17T19:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1509","summary":"An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the target system's LSASS service.\nThe security update addresses the vulnerability by changing the way that LSASS handles specially crafted authentication requests.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":7.8,"cvss_v4":null,"epss":0.06777,"ranking_epss":0.91332,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1513","summary":"An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows CSC Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1513","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1513"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1515","summary":"An elevation of privilege vulnerability exists when the Windows Telephony Server improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Telephony Server handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1515","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1515"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1516","summary":"An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Work Folders Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1516","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1516"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1517","summary":"An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows File Server Resource Management Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00541,"ranking_epss":0.67713,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1517","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1517"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1518","summary":"An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows File Server Resource Management Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00408,"ranking_epss":0.61258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1518","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1518"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1519","summary":"An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows UPnP Device Host handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00408,"ranking_epss":0.61258,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1519","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1519"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1520","summary":"A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.\nAn attacker who successfully exploited the vulnerability would gain execution on a victim system.\nThe security update addresses the vulnerability by correcting how the Windows Font Driver Host handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1520","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1520"],"published_time":"2020-08-17T19:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1489","summary":"An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows CSC Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00268,"ranking_epss":0.50337,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489"],"published_time":"2020-08-17T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1492","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.\nThe security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.15,"ranking_epss":0.94583,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1492","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1492"],"published_time":"2020-08-17T19:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1470","summary":"An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Work Folders Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00593,"ranking_epss":0.69317,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1470","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1470"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1473","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.\nAn attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.\nThe update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.0,"cvss_v4":null,"epss":0.06014,"ranking_epss":0.90727,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1473","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1473"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1474","summary":"An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.\nTo exploit the vulnerability, an authenticated attacker could connect an imaging device (camera, scanner, cellular phone) to an affected system and run a specially crafted application to disclose information.\nThe security update addresses the vulnerability by correcting how the WIA Service handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00781,"ranking_epss":0.73745,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1474","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1474"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1475","summary":"An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.\nTo exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.\nThe security update addresses the vulnerability by ensuring the srmsvc.dll properly handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00579,"ranking_epss":0.68921,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1475","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1475"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1476","summary":"An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files.\nTo exploit this vulnerability, an attacker would need to send a specially crafted request to an affected server.\nThe update addresses the vulnerability by changing how ASP.NET and .NET handle requests.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00982,"ranking_epss":0.76828,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1476","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1476"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1477","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.\nThe security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.","cvss":7.0,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.0,"cvss_v4":null,"epss":0.0484,"ranking_epss":0.8954,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1477","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1477"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1478","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.\nThe security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.15021,"ranking_epss":0.94586,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1478","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1478"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1484","summary":"An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.\nTo exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how the Windows Work Folders Service handles memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00399,"ranking_epss":0.60678,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1484","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1484"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1485","summary":"An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.\nTo exploit the vulnerability, an authenticated attacker could connect an imaging device (camera, scanner, cellular phone) to an affected system and run a specially crafted application to disclose information.\nThe security update addresses the vulnerability by correcting how the WIA Service handles objects in memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0038,"ranking_epss":0.59509,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1485","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1485"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1486","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.\nThe update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1486","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1486"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1487","summary":"An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.\nTo exploit this vulnerability, an attacker would have to log onto an affected system and open a specially crafted file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.\nThe update addresses the vulnerability by correcting how Media Foundation handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.21467,"ranking_epss":0.95723,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1487","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1487"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1488","summary":"An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.\nTo exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.\nThe security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges.","cvss":7.0,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.0,"cvss_v4":null,"epss":0.00213,"ranking_epss":0.43841,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1488","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1488"],"published_time":"2020-08-17T19:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1337","summary":"An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nTo exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.\nThe update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.55313,"ranking_epss":0.98076,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/160028/Microsoft-Windows-Local-Spooler-Bypass.html","http://packetstormsecurity.com/files/160993/Microsoft-Spooler-Local-Privilege-Elevation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337","http://packetstormsecurity.com/files/160028/Microsoft-Windows-Local-Spooler-Bypass.html","http://packetstormsecurity.com/files/160993/Microsoft-Spooler-Local-Privilege-Elevation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1339","summary":"A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects. An attacker who successfully exploited the vulnerability could take control of an affected system.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.\nThe security update addresses the vulnerability by correcting how Windows Media Audio Codec handles objects.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.141,"ranking_epss":0.94377,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1377","summary":"An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.\nA locally authenticated attacker could exploit this vulnerability by running a specially crafted application.\nThe security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00152,"ranking_epss":0.35942,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/158938/Microsoft-Windows-CmpDoReDoCreateKey-Arbitrary-Registry-Key-Creation-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1377","http://packetstormsecurity.com/files/158938/Microsoft-Windows-CmpDoReDoCreateKey-Arbitrary-Registry-Key-Creation-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1377"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1378","summary":"An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.\nA locally authenticated attacker could exploit this vulnerability by running a specially crafted application.\nThe security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly handles objects in memory.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.5,"cvss_v4":null,"epss":0.02227,"ranking_epss":0.84539,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/158939/Microsoft-Windows-CmpDoReadTxRBigLogRecord-Memory-Corruption-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1378","http://packetstormsecurity.com/files/158939/Microsoft-Windows-CmpDoReadTxRBigLogRecord-Memory-Corruption-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1378"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1379","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.\nThere are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit a malicious webpage.\nThe security update addresses the vulnerability by correcting how Windows Media Foundation handles objects in memory.","cvss":5.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":5.5,"cvss_v4":null,"epss":0.25276,"ranking_epss":0.9621,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1380","summary":"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.\nIn a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked &quot;safe for initialization&quot; in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.\nThe security update addresses the vulnerability by modifying how the scripting engine handles objects in memory.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.91733,"ranking_epss":0.99686,"kev":true,"propose_action":"Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/163056/Internet-Explorer-jscript9.dll-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380","http://packetstormsecurity.com/files/163056/Internet-Explorer-jscript9.dll-Memory-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1380"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1383","summary":"An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system\nTo exploit this vulnerability, an attacker would need to run a specially crafted application against an RPC server which has Routing and Remote Access enabled. Routing and Remote Access is a non-default configuration; systems without it enabled are not vulnerable.\nThe security update addresses the vulnerability by correcting how the Routing and Remote Access service handles requests.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00694,"ranking_epss":0.71924,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1383","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1383"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1464","summary":"A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.\nIn an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded.\nThe update addresses the vulnerability by correcting how Windows validates file signatures.","cvss":7.8,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":7.8,"cvss_v4":null,"epss":0.10834,"ranking_epss":0.93387,"kev":true,"propose_action":"Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.","ransomware_campaign":"Unknown","references":["https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html","https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/","https://medium.com/%40TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464","https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html","https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/","https://medium.com/%40TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1464"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1467","summary":"An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.\nTo exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.\nThe security update addresses the vulnerability by correcting how Windows handles hard links.","cvss":10.0,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":10.0,"cvss_v4":null,"epss":0.01685,"ranking_epss":0.82241,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1467","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1467"],"published_time":"2020-08-17T19:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15705","summary":"GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00024,"ranking_epss":0.06312,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","http://www.openwall.com/lists/oss-security/2021/03/02/3","http://www.openwall.com/lists/oss-security/2021/09/17/2","http://www.openwall.com/lists/oss-security/2021/09/17/4","http://www.openwall.com/lists/oss-security/2021/09/21/1","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","http://www.openwall.com/lists/oss-security/2021/03/02/3","http://www.openwall.com/lists/oss-security/2021/09/17/2","http://www.openwall.com/lists/oss-security/2021/09/17/4","http://www.openwall.com/lists/oss-security/2021/09/21/1","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673"],"published_time":"2020-07-29T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15706","summary":"GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions.","cvss":6.4,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":6.4,"cvss_v4":null,"epss":0.00052,"ranking_epss":0.16207,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673"],"published_time":"2020-07-29T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-15707","summary":"Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.","cvss":5.7,"cvss_version":3.0,"cvss_v2":4.4,"cvss_v3":5.7,"cvss_v4":null,"epss":0.00032,"ranking_epss":0.09035,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00016.html","http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00017.html","http://ubuntu.com/security/notices/USN-4432-1","http://www.openwall.com/lists/oss-security/2020/07/29/3","https://access.redhat.com/security/vulnerabilities/grub2bootloader","https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200011","https://security.gentoo.org/glsa/202104-05","https://security.netapp.com/advisory/ntap-20200731-0008/","https://usn.ubuntu.com/4432-1/","https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GRUB2SecureBootBypass","https://www.debian.org/security/2020-GRUB-UEFI-SecureBoot","https://www.debian.org/security/2020/dsa-4735","https://www.eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/","https://www.openwall.com/lists/oss-security/2020/07/29/3","https://www.suse.com/c/suse-addresses-grub2-secure-boot-issue/","https://www.suse.com/support/kb/doc/?id=000019673"],"published_time":"2020-07-29T18:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1461","summary":"An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00217,"ranking_epss":0.44294,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1461","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1461"],"published_time":"2020-07-14T23:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1468","summary":"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.21495,"ranking_epss":0.95726,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1468","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1468"],"published_time":"2020-07-14T23:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1435","summary":"A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.35773,"ranking_epss":0.97087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1435","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1435"],"published_time":"2020-07-14T23:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1436","summary":"A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.13336,"ranking_epss":0.94198,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://www.openwall.com/lists/oss-security/2020/08/25/3","http://www.openwall.com/lists/oss-security/2020/08/25/5","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436","https://www.zerodayinitiative.com/advisories/ZDI-20-877/","http://www.openwall.com/lists/oss-security/2020/08/25/3","http://www.openwall.com/lists/oss-security/2020/08/25/5","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436","https://www.zerodayinitiative.com/advisories/ZDI-20-877/"],"published_time":"2020-07-14T23:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1437","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows Network Location Awareness Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1437","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1437"],"published_time":"2020-07-14T23:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1438","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1428.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1438","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1438"],"published_time":"2020-07-14T23:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1427","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1428, CVE-2020-1438.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1427","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1427"],"published_time":"2020-07-14T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1428","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1438.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1428","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1428"],"published_time":"2020-07-14T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1430","summary":"An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1354.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00573,"ranking_epss":0.68751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1430","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1430"],"published_time":"2020-07-14T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1432","summary":"An information disclosure vulnerability exists when Skype for Business is accessed via Internet Explorer, aka 'Skype for Business via Internet Explorer Information Disclosure Vulnerability'.","cvss":4.3,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":4.3,"cvss_v4":null,"epss":0.09585,"ranking_epss":0.92882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1432","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1432"],"published_time":"2020-07-14T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1406","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00372,"ranking_epss":0.58993,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1406","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1406"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1407","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1401.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1407","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1407"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1408","summary":"A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.15866,"ranking_epss":0.9476,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1408","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1408"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1409","summary":"A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1409","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1409"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1410","summary":"A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book (WAB), aka 'Windows Address Book Remote Code Execution Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1410","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1410"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1412","summary":"A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.22583,"ranking_epss":0.95864,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1412","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1412","https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-info-exp-8RsuEu8S"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1419","summary":"An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00644,"ranking_epss":0.7071,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1419","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1419"],"published_time":"2020-07-14T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1396","summary":"An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1396","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1396"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1397","summary":"An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.29795,"ranking_epss":0.96647,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1397","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1397"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1399","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-1415, CVE-2020-1422.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00243,"ranking_epss":0.4757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1399","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1399"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1400","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.26662,"ranking_epss":0.96352,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1400","https://www.zerodayinitiative.com/advisories/ZDI-20-924/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1400","https://www.zerodayinitiative.com/advisories/ZDI-20-924/"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1401","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1407.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1401","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1401"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1402","summary":"An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00323,"ranking_epss":0.55395,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1402","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1402"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1403","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.09339,"ranking_epss":0.92775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1403","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1403"],"published_time":"2020-07-14T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1374","summary":"A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.1,"cvss_v3":7.5,"cvss_v4":null,"epss":0.13201,"ranking_epss":0.94158,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1374","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1374"],"published_time":"2020-07-14T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1384","summary":"An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1359.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1384","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1384"],"published_time":"2020-07-14T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1385","summary":"An elevation of privilege vulnerability exists in the way that the Windows Credential Picker handles objects in memory, aka 'Windows Credential Picker Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00243,"ranking_epss":0.4757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1385","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1385"],"published_time":"2020-07-14T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1389","summary":"An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00407,"ranking_epss":0.61163,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1389","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1389"],"published_time":"2020-07-14T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1390","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1427, CVE-2020-1428, CVE-2020-1438.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1390","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1390"],"published_time":"2020-07-14T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1365","summary":"An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1371.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00573,"ranking_epss":0.68751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1365","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1365"],"published_time":"2020-07-14T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1368","summary":"An elevation of privilege vulnerability exists in the way that the Credential Enrollment Manager service handles objects in memory, aka 'Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00243,"ranking_epss":0.4757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1368","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1368"],"published_time":"2020-07-14T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1371","summary":"An elevation of privilege vulnerability exists when the Windows Event Logging Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event Logging Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1365.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00332,"ranking_epss":0.56127,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1371","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1371"],"published_time":"2020-07-14T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1373","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1390, CVE-2020-1427, CVE-2020-1428, CVE-2020-1438.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1373","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1373"],"published_time":"2020-07-14T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1351","summary":"An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00275,"ranking_epss":0.51025,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1351","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1351"],"published_time":"2020-07-14T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1354","summary":"An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1430.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00573,"ranking_epss":0.68751,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1354","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1354"],"published_time":"2020-07-14T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1359","summary":"An elevation of privilege vulnerability exists when the Windows Cryptography Next Generation (CNG) Key Isolation service improperly handles memory, aka 'Windows CNG Key Isolation Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1384.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1359","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1359"],"published_time":"2020-07-14T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1360","summary":"An elevation of privilege vulnerability exists when the Windows Profile Service improperly handles file operations, aka 'Windows Profile Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1360","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1360"],"published_time":"2020-07-14T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1147","summary":"A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input, aka '.NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.9343,"ranking_epss":0.99818,"kev":true,"propose_action":"Microsoft .NET Framework, Microsoft SharePoint, and Visual Studio contain a remote code execution vulnerability when the software fails to check the source markup of XML file input. Successful exploitation allows an attacker to execute code in the context of the process responsible for deserialization of the XML content.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html","http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html","http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147","https://www.exploitalert.com/view-details.html?id=35992","http://packetstormsecurity.com/files/158694/SharePoint-DataSet-DataTable-Deserialization.html","http://packetstormsecurity.com/files/158876/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html","http://packetstormsecurity.com/files/163644/Microsoft-SharePoint-Server-2019-Remote-Code-Execution.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1147","https://www.exploitalert.com/view-details.html?id=35992","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1147"],"published_time":"2020-07-14T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1249","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1353, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-1415, CVE-2020-1422.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0033,"ranking_epss":0.55995,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1249","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1249"],"published_time":"2020-07-14T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1267","summary":"This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'.","cvss":4.9,"cvss_version":3.0,"cvss_v2":4.0,"cvss_v3":4.9,"cvss_v4":null,"epss":0.03441,"ranking_epss":0.87505,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1267","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1267"],"published_time":"2020-07-14T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1333","summary":"An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'.","cvss":6.7,"cvss_version":3.0,"cvss_v2":3.7,"cvss_v3":6.7,"cvss_v4":null,"epss":0.0041,"ranking_epss":0.61362,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1333","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1333"],"published_time":"2020-07-14T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1346","summary":"An elevation of privilege vulnerability exists when the Windows Modules Installer improperly handles file operations, aka 'Windows Modules Installer Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1346","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1346"],"published_time":"2020-07-14T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1085","summary":"An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1085","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1085"],"published_time":"2020-07-14T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1317","summary":"An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.16259,"ranking_epss":0.94837,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1317","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1317"],"published_time":"2020-06-09T20:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1334","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00243,"ranking_epss":0.4757,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1334","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1334"],"published_time":"2020-06-09T20:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1348","summary":"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.24232,"ranking_epss":0.96104,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1348","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1348"],"published_time":"2020-06-09T20:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1310","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1253.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00407,"ranking_epss":0.61148,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1310","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1310"],"published_time":"2020-06-09T20:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1311","summary":"An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12481,"ranking_epss":0.93943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1311","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1311"],"published_time":"2020-06-09T20:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1314","summary":"An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12481,"ranking_epss":0.93943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1314","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1314"],"published_time":"2020-06-09T20:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1315","summary":"An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'.","cvss":5.3,"cvss_version":3.0,"cvss_v2":2.6,"cvss_v3":5.3,"cvss_v4":null,"epss":0.05496,"ranking_epss":0.90241,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1315","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1315"],"published_time":"2020-06-09T20:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1291","summary":"An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12481,"ranking_epss":0.93943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1291","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1291"],"published_time":"2020-06-09T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1299","summary":"A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.35773,"ranking_epss":0.97087,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1299","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1299"],"published_time":"2020-06-09T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1300","summary":"A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious cabinet file disguised as a printer driver.The update addresses the vulnerability by correcting how Windows handles cabinet files., aka 'Windows Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.36518,"ranking_epss":0.97135,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1300","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1300"],"published_time":"2020-06-09T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1301","summary":"A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.59532,"ranking_epss":0.98256,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1301"],"published_time":"2020-06-09T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1302","summary":"An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1272, CVE-2020-1277, CVE-2020-1312.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00707,"ranking_epss":0.72216,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1302","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1302"],"published_time":"2020-06-09T20:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1281","summary":"A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.37699,"ranking_epss":0.9721,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/158028/Microsoft-Windows-Privilege-Escalation-Code-Execution.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1281","http://packetstormsecurity.com/files/158028/Microsoft-Windows-Privilege-Escalation-Code-Execution.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1281"],"published_time":"2020-06-09T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1282","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.10952,"ranking_epss":0.93436,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1282","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1282"],"published_time":"2020-06-09T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1287","summary":"An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1294.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12481,"ranking_epss":0.93943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1287","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1287"],"published_time":"2020-06-09T20:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1260","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1260","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1260"],"published_time":"2020-06-09T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1262","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00401,"ranking_epss":0.60803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1262","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1262"],"published_time":"2020-06-09T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1263","summary":"An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1261.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00374,"ranking_epss":0.5909,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1263","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1263"],"published_time":"2020-06-09T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1269","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00531,"ranking_epss":0.67307,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00063.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1269","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00035.html","http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00063.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1269"],"published_time":"2020-06-09T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1270","summary":"An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00355,"ranking_epss":0.57883,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1270","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1270"],"published_time":"2020-06-09T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1272","summary":"An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1277, CVE-2020-1302, CVE-2020-1312.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00544,"ranking_epss":0.6781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1272","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1272"],"published_time":"2020-06-09T20:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1239","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.32984,"ranking_epss":0.96903,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1239","https://www.zerodayinitiative.com/advisories/ZDI-20-697/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1239","https://www.zerodayinitiative.com/advisories/ZDI-20-697/"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1246","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00544,"ranking_epss":0.6781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1246","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1246"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1247","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00376,"ranking_epss":0.59219,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1247","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1247"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1251","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1253, CVE-2020-1310.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00303,"ranking_epss":0.53622,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1251","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1251"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1253","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1310.","cvss":6.7,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.7,"cvss_v4":null,"epss":0.00411,"ranking_epss":0.61437,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1253","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1253"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1254","summary":"An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Modules Installer Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1254","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1254"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1255","summary":"An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.5,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17338,"ranking_epss":0.95065,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1255","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1255"],"published_time":"2020-06-09T20:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1220","summary":"A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.","cvss":6.1,"cvss_version":3.0,"cvss_v2":5.8,"cvss_v3":6.1,"cvss_v4":null,"epss":0.00292,"ranking_epss":0.52614,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1220","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1220"],"published_time":"2020-06-09T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1230","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1260.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.09339,"ranking_epss":0.92775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1230","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1230"],"published_time":"2020-06-09T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1231","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.08352,"ranking_epss":0.92307,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1231","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1231"],"published_time":"2020-06-09T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1236","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1208.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1236","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1236"],"published_time":"2020-06-09T20:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1208","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1236.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.39646,"ranking_epss":0.9732,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1208","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1208"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1212","summary":"An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'OLE Automation Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.13971,"ranking_epss":0.9435,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1212","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1212"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1213","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1213","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1213"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1214","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.09339,"ranking_epss":0.92775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1214","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1214"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1215","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.09339,"ranking_epss":0.92775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1215","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1215"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1216","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1230, CVE-2020-1260.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.09339,"ranking_epss":0.92775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1216","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1216"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1219","summary":"A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.36646,"ranking_epss":0.97144,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219","https://www.zerodayinitiative.com/advisories/ZDI-20-698/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1219","https://www.zerodayinitiative.com/advisories/ZDI-20-698/"],"published_time":"2020-06-09T20:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1194","summary":"A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.9,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0013,"ranking_epss":0.32474,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1194","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1194"],"published_time":"2020-06-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1196","summary":"An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00262,"ranking_epss":0.49569,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1196","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1196"],"published_time":"2020-06-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1207","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1247, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00301,"ranking_epss":0.53521,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1207","https://www.zerodayinitiative.com/advisories/ZDI-20-692/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1207","https://www.zerodayinitiative.com/advisories/ZDI-20-692/"],"published_time":"2020-06-09T20:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0915","summary":"An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0916.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00274,"ranking_epss":0.5084,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0915","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0915"],"published_time":"2020-06-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0916","summary":"An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0915.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00274,"ranking_epss":0.5084,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0916","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0916"],"published_time":"2020-06-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0986","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.14366,"ranking_epss":0.94433,"kev":true,"propose_action":"Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986","http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0986"],"published_time":"2020-06-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1160","summary":"An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00587,"ranking_epss":0.69147,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1160","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1160"],"published_time":"2020-06-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1163","summary":"An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00228,"ranking_epss":0.45663,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1163","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1163"],"published_time":"2020-06-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1170","summary":"An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1163.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00155,"ranking_epss":0.3627,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/160919/Cloud-Filter-Arbitrary-File-Creation-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1170","http://packetstormsecurity.com/files/160919/Cloud-Filter-Arbitrary-File-Creation-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1170"],"published_time":"2020-06-09T20:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1174","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, CVE-2020-1176.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1174","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1174"],"published_time":"2020-05-21T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1175","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1176.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1175","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1175"],"published_time":"2020-05-21T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1176","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1175.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1176","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1176"],"published_time":"2020-05-21T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1179","summary":"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1145.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.38184,"ranking_epss":0.97233,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1179","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1179"],"published_time":"2020-05-21T23:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1153","summary":"A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1153","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1153"],"published_time":"2020-05-21T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1154","summary":"An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1154","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1154"],"published_time":"2020-05-21T23:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1136","summary":"A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1126, CVE-2020-1150.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.13814,"ranking_epss":0.94306,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1136","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1136"],"published_time":"2020-05-21T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1141","summary":"An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1145, CVE-2020-1179.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.0047,"ranking_epss":0.6462,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1141","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1141"],"published_time":"2020-05-21T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1143","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1054.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00061,"ranking_epss":0.19077,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1143","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1143"],"published_time":"2020-05-21T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1149","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158, CVE-2020-1164.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12481,"ranking_epss":0.93943,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1149","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1149"],"published_time":"2020-05-21T23:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1112","summary":"An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.","cvss":9.9,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":9.9,"cvss_v4":null,"epss":0.01366,"ranking_epss":0.80225,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1112","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1112"],"published_time":"2020-05-21T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1113","summary":"A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.5,"cvss_v4":null,"epss":0.01574,"ranking_epss":0.81576,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1113","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1113"],"published_time":"2020-05-21T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1114","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1087.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1114","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1114"],"published_time":"2020-05-21T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1116","summary":"An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00447,"ranking_epss":0.63542,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1116","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1116"],"published_time":"2020-05-21T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1125","summary":"An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158, CVE-2020-1164.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.12134,"ranking_epss":0.93844,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1125","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1125"],"published_time":"2020-05-21T23:15:15","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1093","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1060.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1093","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1093"],"published_time":"2020-05-21T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1108","summary":"A denial of service vulnerability exists when .NET Core or .NET Framework improperly handles web requests, aka '.NET Core & .NET Framework Denial of Service Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":5.0,"cvss_v3":7.5,"cvss_v4":null,"epss":0.03788,"ranking_epss":0.88085,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1108"],"published_time":"2020-05-21T23:15:14","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1070","summary":"An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1048.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00242,"ranking_epss":0.47506,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1070","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1070"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1071","summary":"An elevation of privilege vulnerability exists when Windows improperly handles errors tied to Remote Access Common Dialog, aka 'Windows Remote Access Common Dialog Elevation of Privilege Vulnerability'.","cvss":6.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":6.8,"cvss_v4":null,"epss":0.00292,"ranking_epss":0.52603,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1071","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1071"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1072","summary":"An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00688,"ranking_epss":0.71776,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1072","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1072"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1076","summary":"A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00193,"ranking_epss":0.4131,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1076","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1076"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1078","summary":"An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0041,"ranking_epss":0.61354,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1078","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1078"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1079","summary":"An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1010, CVE-2020-1068.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00397,"ranking_epss":0.60532,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1079","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1079"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1081","summary":"An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00233,"ranking_epss":0.46248,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1081","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1081"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1092","summary":"A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1062.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1092","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1092"],"published_time":"2020-05-21T23:15:13","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1054","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.80933,"ranking_epss":0.99152,"kev":true,"propose_action":"Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/160515/Microsoft-Windows-DrawIconEx-Local-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1054","http://packetstormsecurity.com/files/160515/Microsoft-Windows-DrawIconEx-Local-Privilege-Escalation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1054","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1054"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1058","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1058","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1058"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1060","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1093.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1060","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1060"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1061","summary":"A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.22869,"ranking_epss":0.95909,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1061","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1061"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1062","summary":"A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1092.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.28378,"ranking_epss":0.96526,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1062","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1062"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1064","summary":"A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.09339,"ranking_epss":0.92775,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1064","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1064"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1067","summary":"A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.0,"cvss_v3":8.8,"cvss_v4":null,"epss":0.37874,"ranking_epss":0.97218,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1067","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1067"],"published_time":"2020-05-21T23:15:12","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0963","summary":"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.29795,"ranking_epss":0.96647,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0963","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0963"],"published_time":"2020-05-21T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1010","summary":"An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1068, CVE-2020-1079.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00228,"ranking_epss":0.45663,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1010","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1010"],"published_time":"2020-05-21T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1035","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.05133,"ranking_epss":0.89882,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1035","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1035"],"published_time":"2020-05-21T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1048","summary":"An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.7449,"ranking_epss":0.98852,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["http://packetstormsecurity.com/files/158222/Windows-Print-Spooler-Privilege-Escalation.html","http://packetstormsecurity.com/files/159217/Microsoft-Spooler-Local-Privilege-Elevation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1048","http://packetstormsecurity.com/files/158222/Windows-Print-Spooler-Privilege-Escalation.html","http://packetstormsecurity.com/files/159217/Microsoft-Spooler-Local-Privilege-Elevation.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1048"],"published_time":"2020-05-21T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1051","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1174, CVE-2020-1175, CVE-2020-1176.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.42055,"ranking_epss":0.97449,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1051","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1051"],"published_time":"2020-05-21T23:15:11","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1027","summary":"An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.11856,"ranking_epss":0.93753,"kev":true,"propose_action":"An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/168068/Windows-sxs-CNodeFactory-XMLParser_Element_doc_assembly_assemblyIdentity-Heap-Buffer-Overflow.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1027","http://packetstormsecurity.com/files/168068/Windows-sxs-CNodeFactory-XMLParser_Element_doc_assembly_assemblyIdentity-Heap-Buffer-Overflow.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1027","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1027"],"published_time":"2020-04-15T15:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1094","summary":"An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00401,"ranking_epss":0.60803,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1094","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1094"],"published_time":"2020-04-15T15:15:21","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1002","summary":"An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.","cvss":7.1,"cvss_version":3.0,"cvss_v2":6.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00329,"ranking_epss":0.55901,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1003","summary":"An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1027.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00397,"ranking_epss":0.60532,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1003","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1003"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1004","summary":"An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1004","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1004"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1005","summary":"An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00688,"ranking_epss":0.71776,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1005","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1005"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1007","summary":"An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0821.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00407,"ranking_epss":0.61188,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1007","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1007"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1008","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.33401,"ranking_epss":0.96933,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1008","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1008"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1009","summary":"An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1011, CVE-2020-1015.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00544,"ranking_epss":0.6781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1009","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1009"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1011","summary":"An elevation of privilege vulnerability exists when the Windows System Assessment Tool improperly handles file operations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1015.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00544,"ranking_epss":0.6781,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1011","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1011"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1014","summary":"An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00467,"ranking_epss":0.64457,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1014","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1014"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1015","summary":"An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.1295,"ranking_epss":0.94089,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1015","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1015"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1016","summary":"An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00633,"ranking_epss":0.70411,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1016","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1016"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-1020","summary":"A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0938.","cvss":8.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":8.8,"cvss_v4":null,"epss":0.85678,"ranking_epss":0.99377,"kev":true,"propose_action":"Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1020","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1020","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-1020"],"published_time":"2020-04-15T15:15:20","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0987","summary":"An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-1005.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.01997,"ranking_epss":0.8368,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0987","https://www.zerodayinitiative.com/advisories/ZDI-20-647/","https://www.zerodayinitiative.com/advisories/ZDI-20-876/","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0987","https://www.zerodayinitiative.com/advisories/ZDI-20-647/","https://www.zerodayinitiative.com/advisories/ZDI-20-876/"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0988","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.33401,"ranking_epss":0.96933,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0988","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0988"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0992","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.33401,"ranking_epss":0.96933,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0992","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0992"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0993","summary":"A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.","cvss":6.5,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":6.5,"cvss_v4":null,"epss":0.09389,"ranking_epss":0.92795,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0993","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0993"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0994","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.40161,"ranking_epss":0.9735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0994","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0994"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0995","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.34064,"ranking_epss":0.96984,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0995","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0995"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0999","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.33401,"ranking_epss":0.96933,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0999","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0999"],"published_time":"2020-04-15T15:15:19","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0966","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0967.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.31833,"ranking_epss":0.96815,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0966","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0966"],"published_time":"2020-04-15T15:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0967","summary":"A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0966.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.17912,"ranking_epss":0.95157,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0967","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0967"],"published_time":"2020-04-15T15:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0968","summary":"A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0970.","cvss":7.5,"cvss_version":3.0,"cvss_v2":7.6,"cvss_v3":7.5,"cvss_v4":null,"epss":0.43673,"ranking_epss":0.97533,"kev":true,"propose_action":"Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution.","ransomware_campaign":"Unknown","references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0968","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0968","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0968"],"published_time":"2020-04-15T15:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0982","summary":"An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0987, CVE-2020-1005.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00973,"ranking_epss":0.76718,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0982","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0982"],"published_time":"2020-04-15T15:15:18","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0952","summary":"An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.","cvss":6.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":6.5,"cvss_v4":null,"epss":0.305,"ranking_epss":0.96716,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0952","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0952"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0953","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.40161,"ranking_epss":0.9735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0953","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0953"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0955","summary":"An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00633,"ranking_epss":0.70411,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0955","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0955"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0956","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0957, CVE-2020-0958.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0956","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0956"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0958","summary":"An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0956, CVE-2020-0957.","cvss":7.8,"cvss_version":3.0,"cvss_v2":7.2,"cvss_v3":7.8,"cvss_v4":null,"epss":0.00277,"ranking_epss":0.51145,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0958","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0958"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0959","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.40161,"ranking_epss":0.9735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0959","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0959"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0960","summary":"A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, CVE-2020-1008.","cvss":7.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":7.8,"cvss_v4":null,"epss":0.40161,"ranking_epss":0.9735,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0960","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0960"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0962","summary":"An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0699.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00973,"ranking_epss":0.76718,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0962","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0962"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0964","summary":"A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.","cvss":8.8,"cvss_version":3.0,"cvss_v2":9.3,"cvss_v3":8.8,"cvss_v4":null,"epss":0.32484,"ranking_epss":0.96866,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0964","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0964"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0965","summary":"A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.","cvss":7.8,"cvss_version":3.0,"cvss_v2":4.6,"cvss_v3":7.8,"cvss_v4":null,"epss":0.0125,"ranking_epss":0.79354,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0965","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0965"],"published_time":"2020-04-15T15:15:17","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0936","summary":"An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'.","cvss":7.1,"cvss_version":3.0,"cvss_v2":3.6,"cvss_v3":7.1,"cvss_v4":null,"epss":0.00371,"ranking_epss":0.58927,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0936","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0936"],"published_time":"2020-04-15T15:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0938","summary":"A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1020.","cvss":7.8,"cvss_version":3.0,"cvss_v2":6.8,"cvss_v3":7.8,"cvss_v4":null,"epss":0.8702,"ranking_epss":0.99441,"kev":true,"propose_action":"Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.","ransomware_campaign":"Unknown","references":["http://packetstormsecurity.com/files/161299/Apple-CoreText-libFontParser.dylib-Stack-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0938","http://packetstormsecurity.com/files/161299/Apple-CoreText-libFontParser.dylib-Stack-Corruption.html","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0938","https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0938"],"published_time":"2020-04-15T15:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0945","summary":"An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0946, CVE-2020-0947.","cvss":5.5,"cvss_version":3.0,"cvss_v2":4.3,"cvss_v3":5.5,"cvss_v4":null,"epss":0.27512,"ranking_epss":0.96438,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0945","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0945"],"published_time":"2020-04-15T15:15:16","vendor":null,"product":null,"version":null},{"cve_id":"CVE-2020-0821","summary":"An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1007.","cvss":5.5,"cvss_version":3.0,"cvss_v2":2.1,"cvss_v3":5.5,"cvss_v4":null,"epss":0.00282,"ranking_epss":0.51612,"kev":false,"propose_action":null,"ransomware_campaign":null,"references":["https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0821","https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0821"],"published_time":"2020-04-15T15:15:14","vendor":null,"product":null,"version":null}]}