Microsoft Vulnerabilities

This vulnerability allows an attacker to take control of a Windows 10 system by exploiting flaws in how the operating system handles certain fonts, enabling them to install programs, access or delete data, and create new user accounts. To exploit this, the attacker must trick users into visiting a malicious website or opening a specially crafted document file.

This vulnerability allows an attacker to access sensitive information from a user's system, which could help them take further control of it. To exploit this, the attacker might trick the user into opening a malicious document or visiting a harmful website.

This vulnerability allows an attacker to run any code they want on a user's computer if they can trick the user into visiting a specially crafted website using Microsoft Edge. If the user has administrative rights, the attacker could take full control of the system, install programs, and access or delete files.

This vulnerability allows an attacker to run any code they choose on a victim's computer if the victim visits a specially crafted website using Microsoft Edge. If the victim has administrative rights, the attacker could take full control of the system, install programs, or access sensitive data.

This vulnerability allows an attacker to run malicious code on a user's system through Microsoft Edge, potentially giving them the same access rights as the user. If the user has administrative rights, the attacker could take full control of the system by tricking the user into visiting a specially crafted website.

This vulnerability allows an attacker to run any code they choose on a victim's computer if the victim visits a malicious website or opens a compromised document in Internet Explorer. If the victim has administrative rights, the attacker could take full control of the system, install software, and access or delete files.

An attacker can exploit this vulnerability to run malicious code on a user's system, potentially gaining the same access rights as that user. If the user has administrative privileges, the attacker could take full control of the system by tricking them into visiting a specially crafted website.

An attacker can exploit this vulnerability to access sensitive information from a user's system, potentially leading to further attacks. However, they need to be authenticated and must run a specially crafted application on the target machine to take advantage of this flaw.

This vulnerability allows an attacker to run malicious code on a user's system, potentially taking full control of it. To exploit this, the attacker needs to trick the user into clicking a link to a specially crafted website that uses Internet Explorer to process harmful XML content.

This vulnerability allows an attacker to access sensitive information from a user's system by exploiting flaws in how Microsoft Edge handles data in memory. To succeed, the attacker must trick the user into visiting a malicious website or clicking on a harmful link, as there’s no way for the attacker to force the user to do so.

An attacker can run malicious code on the main server hosting Hyper-V by tricking it through a specially crafted application on a guest operating system. This requires the attacker to have access to that guest operating system, making it crucial for organizations to secure their virtual environments.

An attacker can take control of a Windows 10 machine by sending specially crafted DHCP responses to it, allowing them to run any code they choose. This requires the attacker to be on the same network as the target device, making it crucial to secure your network from unauthorized access.

An attacker with a privileged account on a virtual machine can crash the host server by running a specially crafted application. This vulnerability relies on the attacker already having elevated access within the guest operating system.

This vulnerability allows an attacker to run malicious code on the host operating system from a guest virtual machine, potentially giving them control over the entire server. To exploit this, the attacker must have access to the guest operating system, meaning they need to be able to run applications there.

An attacker with a privileged account on a virtual machine can crash the host server by running a specially crafted application, causing a denial of service. This vulnerability affects systems using Microsoft Hyper-V Network Switch, and it requires the attacker to already have elevated access within the guest operating system.

An attacker with a privileged account on a virtual machine can crash the host server by running a specially crafted application, leading to a denial of service. This vulnerability specifically affects the Microsoft Hyper-V Network Switch, and it requires the attacker to already have elevated access on the guest operating system.

An attacker can cause a Windows 10 system to freeze and stop responding by logging in and running a specially crafted application. However, they cannot execute malicious code or gain higher privileges through this vulnerability.

An attacker with a privileged account on a virtual machine can crash the host server by running a specially crafted application, disrupting services for all users. This vulnerability requires the attacker to already have elevated access within the guest operating system.

An attacker with a privileged account on a virtual machine can crash the host server by running a specially crafted application, leading to a denial of service. This vulnerability requires the attacker to already have elevated access within the guest operating system.

This vulnerability allows an attacker to run any code they choose on a victim's computer by tricking them into visiting a malicious web page. It affects certain versions of Windows, including Server 2003, and requires the user to have the vulnerable ActiveX control enabled in their browser.