Security Vulnerabilities - CVEs Published In January 2021
Windows Event Tracing Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.003
Published
2021-01-12
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.005
Published
2021-01-12
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.012
Published
2021-01-12
GDI+ Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.098
Published
2021-01-12
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.012
Published
2021-01-12
Remote Procedure Call Runtime Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.07
Published
2021-01-12
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
CVSS Score
7.8
EPSS Score
0.033
Published
2021-01-12
Microsoft SQL Elevation of Privilege Vulnerability
CVSS Score
8.8
EPSS Score
0.029
Published
2021-01-12
Windows DNS Query Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.004
Published
2021-01-12
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate as the locally exchanged public key
CVSS Score
7.7
EPSS Score
0.004
Published
2021-01-12