Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Server 2019 Subscriptions
Total 4002 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-17612 2 Microsoft, Sennheiser 9 Windows 10, Windows 7, Windows 8.1 and 6 more 2024-11-21 N/A
Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or software publishers for several years, even if the HeadSetup product is uninstalled. NOTE: a vulnerability-assessment approach must check all Windows systems for CA certificates with a CN of 127.0.0.1 or SennComRootCA, and determine whether those certificates are unwanted.
CVE-2024-7553 2 Microsoft, Mongodb 24 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 21 more 2024-09-19 7.3 High
Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue