| CVE-2019-1315 | High | MicrosoftWindows | A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. | Mar 15, 2022 | KEV |
| CVE-2019-1253 | High | MicrosoftWindows | A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions. | Mar 15, 2022 | KEV |
| CVE-2019-1132 | High | MicrosoftWin32k | A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. | Mar 15, 2022 | KEV |
| CVE-2019-1129 | High | MicrosoftWindows | A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. | Mar 15, 2022 | KEV |
| CVE-2019-1069 | High | MicrosoftTask Scheduler | A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations. | Mar 15, 2022 | KEV |
| CVE-2019-1064 | High | MicrosoftWindows | A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. | Mar 15, 2022 | KEV |
| CVE-2019-0543 | High | MicrosoftWindows | A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context. | Mar 15, 2022 | KEV |
| CVE-2018-8120 | High | MicrosoftWin32k | A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. | Mar 15, 2022 | KEV |
| CVE-2017-0101 | High | MicrosoftWindows | A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. | Mar 15, 2022 | KEV |
| CVE-2016-3309 | High | MicrosoftWindows | A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. | Mar 15, 2022 | KEV |
| CVE-2015-2546 | High | MicrosoftWin32k | The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application. | Mar 15, 2022 | KEV |
| CVE-2017-6077 | High | NETGEARWireless Router DGN2200 | NETGEAR DGN2200 wireless routers contain a vulnerability that allows for remote code execution. | Mar 7, 2022 | KEV |
| CVE-2022-26486 | High | MozillaFirefox | Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution. | Mar 7, 2022 | KEV |
| CVE-2022-26485 | High | MozillaFirefox | Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution. | Mar 7, 2022 | KEV |
| CVE-2021-21973 | High | VMwarevCenter Server and Cloud Foundation | VMware vCenter Server and Cloud Foundation Server contain a SSRF vulnerability due to improper validation of URLs in a vCenter Server plugin. This allows for information disclosure. | Mar 7, 2022 | KEV |
| CVE-2020-8218 | High | Pulse SecurePulse Connect Secure | A code injection vulnerability exists in Pulse Connect Secure that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface. | Mar 7, 2022 | KEV |
| CVE-2019-11581 | High | AtlassianJira Server and Data Center | Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution. | Mar 7, 2022 | KEV |
| CVE-2016-6277 | High | NETGEARMultiple Routers | NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution. | Mar 7, 2022 | KEV |
| CVE-2013-0631 | High | AdobeColdFusion | Adobe Coldfusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server. | Mar 7, 2022 | KEV |
| CVE-2013-0629 | High | AdobeColdFusion | Adobe Coldfusion contains a directory traversal vulnerability, which could permit an unauthorized user access to restricted directories. | Mar 7, 2022 | KEV |