CVE-2020-16940

The CVE-2020-16940 issue is an elevation of privilege in Windows computing environments caused by the Windows User Profile Service (ProfSvc) mishandling junction points. The vulnerability allows an attacker who can log on to exploit a specially crafted application to delete files or folders with ...

CVE-2020-0785

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...

The vulnerability of the ProfSvc service in Windows operating systems, which allows a hacker to increase their privileges

The vulnerability of the ProfSvc service in Windows operating systems is related to deficiencies in handling symbolic links. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVE-2020-0730

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...

CVE-2019-1454

An elevation of privilege vulnerability exists when the Windows User Profile Service ProfSvc improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'...

KB4525236: Windows 10 Version 1607 and Windows Server 2016 November 2019 Security Update

The remote Windows host is missing security update 4525236. It is, therefore, affected by multiple vulnerabilities : - A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating...

CVE-2015-0004

CVE-2015-0004 concerns a local privilege-escalation in the Windows User Profile Service (ProfSvc). According to the provided sources, the vulnerability is exploited by a junction attack that loads another user’s UsrClass.dat registry hive, enabling local users to gain privileges. Affected product...