Microsoft Security Vulnerabilities

CVE-2022-38029

Windows ALPC Elevation of Privilege...

CVE-2022-38047

Windows Point-to-Point Tunneling Protocol Remote Code Execution...

CVE-2020-1503

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...

CVE-2022-34731

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution...

CVE-2022-34730

Microsoft ODBC Driver Remote Code Execution...

CVE-2021-42277

Diagnostics Hub Standard Collector Elevation of Privilege...

CVE-2022-26934

Windows Graphics Component Information Disclosure...

CVE-2022-37955

Windows Group Policy Elevation of Privilege...

CVE-2020-1583

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special...

CVE-2022-22035

Windows Point-to-Point Tunneling Protocol Remote Code Execution...

CVE-2020-1476

An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an attacker would need to...

CVE-2019-0718

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To exploit the...

CVE-2022-35833

Windows Secure Channel Denial of Service...

CVE-2022-29126

Tablet Windows User Interface Application Core Elevation of Privilege...

CVE-2022-38027

Windows Storage Elevation of Privilege...

CVE-2020-1533

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a...

CVE-2019-1151

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data;....

CVE-2022-38045

Windows Server Service Elevation of Privilege...

CVE-2022-37965

Windows Point-to-Point Tunneling Protocol Denial of Service...

CVE-2020-1521

An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVE-2020-1515

An elevation of privilege vulnerability exists when the Windows Telephony Server improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVE-2020-1538

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVE-2022-41103

Microsoft Word Information Disclosure...

CVE-2021-31971

Windows HTML Platforms Security Feature Bypass...

CVE-2020-1529

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete.....

CVE-2020-1383

An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system To exploit this vulnerability, an attacker would need to run a...

CVE-2019-1181

A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction......

CVE-2021-42282

Active Directory Domain Services Elevation of Privilege...

CVE-2020-1470

An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The.....

CVE-2020-1547

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVE-2020-1540

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVE-2020-1539

An elevation of privilege vulnerability exists when the Windows Backup Engine improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The...

CVE-2021-43224

Windows Common Log File System Driver Information Disclosure...

CVE-2022-41060

Microsoft Word Information Disclosure...

CVE-2021-38662

Windows Fast FAT File System Driver Information Disclosure...

CVE-2022-29103

Windows Remote Access Connection Manager Elevation of Privilege...

CVE-2022-29128

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution...

CVE-2022-22014

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution...

CVE-2022-26935

Windows WLAN AutoConfig Service Information Disclosure...

CVE-2022-41089

.NET Framework Remote Code Execution...

CVE-2021-31973

Windows GPSVC Elevation of Privilege...

CVE-2022-30138

Windows Print Spooler Elevation of Privilege...

CVE-2022-23270

Windows Point-to-Point Tunneling Protocol Remote Code Execution...

CVE-2022-22049

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege...

CVE-2021-40469

Windows DNS Server Remote Code Execution...

CVE-2021-42278

Active Directory Domain Services Elevation of Privilege...

CVE-2021-42280

Windows Feedback Hub Elevation of Privilege...

CVE-2022-37990

Windows Kernel Elevation of Privilege...

CVE-2023-21728

Windows Netlogon Denial of Service...

CVE-2022-41077

Windows Fax Compose Form Elevation of Privilege...