Microsoft

Windows

97 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.08%
  • Veröffentlicht 05.03.2026 16:16:19
  • Zuletzt bearbeitet 25.03.2026 15:47:08

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'), Use of Password Hash With Insufficient Computational Effort vulnerability in rustdesk-client RustDesk Client rustdesk, hbb_common on Windows, MacOS, Linux (Pas...

  • EPSS 0.41%
  • Veröffentlicht 25.02.2026 18:57:02
  • Zuletzt bearbeitet 15.04.2026 00:35:42

This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an u...

  • EPSS 0.22%
  • Veröffentlicht 08.09.2025 00:00:00
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the s...

  • EPSS 0.22%
  • Veröffentlicht 08.09.2025 00:00:00
  • Zuletzt bearbeitet 15.04.2026 00:35:42

The on-endpoint Microsoft vulnerable driver blocklist is not fully synchronized with the online Microsoft recommended driver block rules. Some entries present on the online list have been excluded from the on-endpoint blocklist longer than the expect...

Medienbericht
  • EPSS 63.1%
  • Veröffentlicht 26.08.2025 16:25:15
  • Zuletzt bearbeitet 05.11.2025 21:15:36

Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vul...

  • EPSS 0%
  • Veröffentlicht 02.07.2025 19:25:27
  • Zuletzt bearbeitet 24.07.2025 07:15:53

Rejected reason: Neither filed by Chrome nor a valid security vulnerability.

  • EPSS 2.72%
  • Veröffentlicht 08.04.2025 17:23:36
  • Zuletzt bearbeitet 10.07.2025 15:52:05

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

Exploit
  • EPSS 0.82%
  • Veröffentlicht 18.12.2024 23:15:07
  • Zuletzt bearbeitet 26.08.2025 16:09:46

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specia...

Exploit
  • EPSS 0.74%
  • Veröffentlicht 18.12.2024 23:15:07
  • Zuletzt bearbeitet 26.08.2025 16:11:12

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specia...

  • EPSS 0.27%
  • Veröffentlicht 28.05.2024 17:15:10
  • Zuletzt bearbeitet 15.04.2026 00:35:42

Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resol...